This is a guest post by Hussein Badakhchani
Some months ago I had the pleasure of attending a GDS Engagement Evening hosted by Admiral Patrick Walsh (ret) fromiSIGHTPARTNERS (prior to its acquisition by FireEye). It was fascinating to hear from Pat the role that threat intelligence played from his direct experiences in the Navy and I think I can speak on behalf my peers on our table when I say that we could all benefit from those insights in our own work.
Those that have read my previous posts on the subject of Cyber Security and the application of KnowIT in IT security will know that I believe the current approaches and thinking in Cyber Security are ripe for disruption.
I take this position from an analysis of the costs and benefits of the existing paradigm for implementing Cyber Security strategies and specifically from the domain of vulnerability and patch management.
For any global enterprise the existing implementations of vulnerability and patch management simply cost too much and provide too little benefit. The sheer volume of vulnerabilities identified from Pen testing, IAST, SAST and DAST alone make the cost of remediation exorbitant; assuming such remediation is possible at all.
One must remember that only a fraction of the code utilised by the enterprise is under direct control. The vast majority of code in any business is owned and controlled by proprietary software vendors or is Community Source or Open Source in nature. To depict this from a Java perspective I’ve included a picture from a white paper that will be published early next year.