As I watched the Juniper keynote from RSA 2014 (Given by Nawaf Bitar), I couldn’t help but to sit back and just think for a bit. Wow. This guys is right. We have been complacent and are becoming more and more complacent with our security. I think it comes back to some very basic human nature. What we think is normal is usually what we are surrounded by. An alcoholic may think it is perfectly normal to be at a bar drinking because everyone he hangs out with is also at that same bar. Step outside the bar though and we find that 90% of the nation’s alcohol consumption comes from 30% of the people. This leaves the other 70% of the nation to consume the remaining 10% of the booze. It’s clearly not normal to be in a bar drinking. I digress. Lets get back to the topic at hand. What is normal? Is it normal to accept friend requests from people you have never met? (rhetorical question) Let’s go back to the 1920’s for a sec. It was perfectly normal to NOT use curse words in public. It was normal for men to wear suits and ties out in the FIELDS. It was normal for women to wear coverups while they were IN the pool… Let’s fast forward a bit. Over the years we have slowly allowed more skin to be shown, more curse words are said in public. Ties have been replaced by “business casual” or less. More violent video games, etc etc… And the more we surround ourselves with this, the more it becomes normal to stretch the boundaries to constantly create a new normal which is less that our original which continues to stretch the boundaries. Now… Let’s say it. It’s normal to be careless with our security. There may be a 30% number out there that are very security centric but frankly, the other 70% are not. We do in fact accept friend requests from people we don’t know. We do use open source software that we really don’t do proper inspection on. We don’t insist deep security dives on closed source software. How many of us actually verify the md5 checksums when we download software? We have been opening our doors a little more at a time. A little more bad stuff gets in every day which becomes the new norm.
Now enough of that. Let’s talk about the Keynote. I enjoyed watching it. It was a little weird to not have a product pitched behind it for the world to see…. maybe that was by design.
By all means, please watch this Juniper keynote by Nawaf Bitar.
I am looking forward to seeing product demos. Browsing Juniper’s website, I see a blurb on Juniper’s Spotlight Secure.
“Once an attacker is identified and fingerprinted on a subscriber network using WebApp Secure, the new service will immediately share the profiles with other subscribers, providing advanced real-time security solution across multiple networks.
Spotlight Secure will put non-IP-based attacker profiling at the center of a framework that gathers and distributes attacker fingerprints to a worldwide network of inline security solutions.”