InfoSec in flux, facing fads with FUD

Summary:Classic information security defences aren't up to the task of facing the latest fashions in attacks, according to Sourcefire founder and CTO Martin Roesch.

"There are fads in attack, just like there are in any other world, and the current fad that nobody has a very good grip on is cyberwarfare, advanced persistent threats, persistent embedded malware, all that kind of stuff," Roesch tells this week's Patch Monday podcast.

"The defences that are out there, many of them are inadequate to the task. Classic defences of classic AV [antivirus], classic firewalling, and things like that don't do a whole lot versus these kinds of attacks," he said.

As a result, the industry is in a time of flux, and, if that wasn't confusing enough, Roesch believes that many vendors are spreading FUD — fear, uncertainty, and doubt.

"Vendors spend way too much time confusing the market these days ... there's so much FUD that's being blown out there by the vendors themselves that we're all doing each other a disservice by not talking about these problems rationally."

Roesch also tells the story of how Sourcefire grew from the Snort packet sniffer, a personal, free, open-source software project that he started in 1998, and which is still available for free today, to the US$1.4 billion company it is today.

"Today, we call this a freemium model. We're like business-model hipsters at Sourcefire. We did this stuff before it was cool," he said.

To leave an audio comment on the program, Skype to stilgherrian, or phone Sydney +61 2 8011 3733.

Running time: 47 minutes, 35 seconds

"Pigs" sound effect by Erdie, CC BY 3.0.

Topics: Security


Stilgherrian is a freelance journalist, commentator and podcaster interested in big-picture internet issues, especially security, cybercrime and hoovering up bulldust. He studied computing science and linguistics before a wide-ranging media career and a stint at running an IT business. He can write iptables firewall rules, set a rabbit tr... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.