InfoSec in flux, facing fads with FUD

Classic information security defences aren't up to the task of facing the latest fashions in attacks, according to Sourcefire founder and CTO Martin Roesch.

"There are fads in attack, just like there are in any other world, and the current fad that nobody has a very good grip on is cyberwarfare, advanced persistent threats, persistent embedded malware, all that kind of stuff," Roesch tells this week's Patch Monday podcast.

"The defences that are out there, many of them are inadequate to the task. Classic defences of classic AV [antivirus], classic firewalling, and things like that don't do a whole lot versus these kinds of attacks," he said.

As a result, the industry is in a time of flux, and, if that wasn't confusing enough, Roesch believes that many vendors are spreading FUD — fear, uncertainty, and doubt.

"Vendors spend way too much time confusing the market these days ... there's so much FUD that's being blown out there by the vendors themselves that we're all doing each other a disservice by not talking about these problems rationally."

Roesch also tells the story of how Sourcefire grew from the Snort packet sniffer, a free, open-source software project that he started as a personal project in 1998 and which is still available for free, into the US$1.4 billion company it is today.

"Today, we call this a freemium model. We're like business-model hipsters at Sourcefire. We did this stuff before it was cool," he said.

To leave an audio comment on the program, Skype to stilgherrian, or phone Sydney +61 2 8011 3733.

Running time: 47 minutes, 35 seconds

"Pigs" sound effect by Erdie, CC BY 3.0.