ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.) Filing date Publication date Priority claimed from GR20210100717 external-priority Application filed by Snap Inc filed Critical Snap Inc Assigned to SNAP INC. Original Assignee Snap Inc Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.) Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.) Pending Application number US17/644,297 Inventor Ioannis Kotsogiannis Teftsoglou Mohammad Zaheri Darkahi Current Assignee (The listed assignees may be inaccurate. Google Patents Safeguarding location visitation information Google Patents US20230118306A1 - Safeguarding location visitation information We need to identify how we can achieve better outcomes by implementing 21st century thinking and new innovations, instead of falling on old adages that present us with new problems to solve.US20230118306A1 - Safeguarding location visitation information Therefore, when looking to deliver cyberbreach prevention methodology throughout cybersecurity architecture we need to look at the bigger picture. Security through obscurity: fact or fallacy? I call fallacy. Therefore, what purpose does the ‘security through obscurity’ adage provide us? It come from understanding what needs to be protected and identifying the best way to achieve this through people, process and technology. Obviously there are many scenarios we can propose, but the point I’m making is that the power of security isn’t derived from obscurity alone. For example, if I have a modern firewall and an antivirus solution from two different vendors, and an endpoint in my network is being attacked, would my firewalls really know about the attack taking place? And if they had this capability, could the endpoint have been attacked in the first place? It makes you question how the obscure approach is serving its purpose in securing an organization's assets, in comparison to a consolidated approach that delivers shared threat intelligence and shared security capabilities across the entire cybersecurity architecture. Secondly, sharing threat intelligence across your entire cybersecurity architecture can only provide better defense capabilities, as opposed to having siloed products from different vendors, sprawled across the cybersecurity architecture that serves no intercommunication capability. On the surface this may seem logical, but is it? What are the tradeoffs and what are the real outcomes that this 'obscure' approach really gives us? Let's explore further.įirstly, organizations I talk to nowadays are more often looking to consolidate parts of their cybersecurity architecture to simplify things, eliminating overlaps within the cybersecurity architecture itself, reducing the number of vendors they have to constantly deal with, and scaling down the amount of noise in the environment. Essentially what this points to is the assumption that the more diverse the vendors and products throughout the entire cybersecurity architecture are, the better. Let's face it: if they didn't, what really does?Īs subjective as the statement ‘security through obscurity’ is, when looking at how this concept has been applied in practice, I’ve observed how industry professionals place many different hurdles (products) from differing vendors throughout the entire cybersecurity architecture. However, often I see those narratives and mindsets seem to really influence the type of cybersecurity architecture organizations adopt.
In my role as a security consultant, I see that the real value I can add in the security industry is understanding what my clients' real needs are, and helping them to achieve these.
I think it's something we need to explore. I was unaware of this statement’s significance or how this adage has shaped the mindsets of some security professionals today. Security What is the biggest cyberthreat of tomorrow?Ībout eight years ago, early in my days in the security community, at an event we were attending (long before the coronavirus cancelled them all) I remember hearing a saying: ‘security through obscurity’.
0 kommentar(er)
