Shmoocon: Keynote

Dan Geer was the keynote speaker at ShmooCon.
For a statistician, he made a rather broad-brush statement that current security workers have no formal training, yet now every college has a security course. The non-credentialed, he says, are the ones with skills, while those with credentials are the charlatans.
Was the world really better when the astronomers were the ones hunting down the hackers? Is the best hacker one with no formal training? It is certainly popular to attack anyone who has bothered to get a certification or a degree, as if that certifies them as having no skills at all.
I do agree with his statement that as demand for security professionals outstrips supply, the number of charlatans increases. It's very annoying to watch clueless people stampede after the money. At least in the pre-credential days, you knew people were doing it because they loved the challenge.
Geer also talked about a change in focus from prevention to detection and recovery: ceding that attacks will succeed, but making sure that what is important is recoverable. With strong recovery capability in place, you can apply patches as they are released without a formal QA process.
Another interesting comment from Geer is that, according to Symantec's own data, a new virus is released every 4 hours. How often do you update your antivirus definitions? It is a doomed model.