topic Re: I have seen this way too often ... in Career Discussions

I have seen this way too often ...

rslade — Fri, 14 Feb 2020 18:54:21 GMT

Re: I have seen this way too often ...

CraginS — Fri, 14 Feb 2020 19:20:03 GMT

"Why are you banging that pot?"

"To keep the tigers away."

"There are no tigers here."

"Aren't you glad it works so well?

Re: I have seen this way too often ...

AppDefects — Sat, 15 Feb 2020 02:18:54 GMT

Such is the life of today's CISO. They get no respect.

Re: I have seen this way too often ...

Caute_cautim — Sat, 15 Feb 2020 05:08:53 GMT

@AppDefects @rslade @CraginS The average life span of a CISO within an organisation is 26 months currently. So how long would a virtual CISO last? Twice as long or less?

Regards

Caute_cautim

Re: I have seen this way too often ...

Caute_cautim — Sat, 15 Feb 2020 05:21:14 GMT

The full report is shown here: ttps://www.securitymagazine.com/articles/91652-new-survey-reveals-ciso-stress-and-the-toll-it-takes

The benefits and disadvantages of a virtual CISO are shown here including the ISACA report 2019 indicating there is only 72% of all organisations with CISOs.

https://linfordco.com/blog/virtual-ciso/

Regards

Caute_cautim

Re: I have seen this way too often ...

rslade — Sat, 15 Feb 2020 18:55:53 GMT

The first time I saw this in a really big way was the Michelangelo virus in 1992.
Despite the fact that it was real (I have copies, including the only extent copy on
a 3 1/2 inch floppy) it is still described, in histories and media reports, as a "hoax."
Extending from my own, personal experience, I can say that the predictions of
numbers of infections, and the fallout, had we *not* warned people, were not
exaggerated at all.

I think the most unfair aspect was that I was trying desperately to get the word
out and not really getting any response from the local media. My baby brother
didn't believe the virus actually existed, but, at literally the eleventh hour, 11 pm
on March 4th (1992 being a leap year, and the virus counting dates by number of
days into the year it triggered on March 5th of 1992) he finally tried out the AV
scanner I had given him, and, lo and behold, his computers were infected. He
alerted his church, and found that their computers were infected. And just who
was it who got his picture in the paper the next morning? Right. My baby
brother.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
It doesn't matter if the cup is half full or half empty.
Whatever's inside it is evaporating either way.
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

Re: I have seen this way too often ...

Caute_cautim — Sun, 16 Feb 2020 21:23:54 GMT

@rslade Was he promoted or blamed for the incident? Or did anyone really believe him?

A history lesson: the first use of the term "virus" was to refer to unwanted computer code occurred in 1972, in a science fiction novel, "When Harley was One", by David Gerrold. Fred Cohen formally defined the computer virus in 1983. It appears computer viruses were being written by individuals, although not named such, as early as 1981 on early Apple II computers.

Apparently, In November 1983, Fred Cohen (then a doctoral student in electrical engineering, at the University of Southern California) presented the idea of a computer virus to a computer security class led by Len Adelman. He demonstrated five prototype viruses on a VAX II/750 running Unix. Each virus obtained full control of the system within an hour. Cohen later showed that similar results could be obtained on a Tops-20 system, a VM/370 system, and a VMS system.

Regards

Caute_cautim

Re: I have seen this way too often ...

dcontesti — Mon, 17 Feb 2020 05:55:17 GMT

I have seen this but I guess I was lucky, very early on, a competitor called my CEO and said:

"you have been hit with a virus"

My CEO: flabbergasted and upset, called me. "his exact words.......WHY HAVEN'T YOU TOLD ME WE WERE HIT"

My response "by what" or "by who"

My CEO "well Joe from XYZ corp said we had a virus (specific name not important)"

My response "not that I am aware of, but please give me 1/2 hour to check into it"

About an hour later:

My response " we have checked and checked and we cannot find any trace of that virus or any other malware in our environ"

My CEO "are you sure, because if I find out differently, you are fired"

My response " if you think I am lying, please just fire me now.....however, can we find out where "Joe" got his information"

My CEO "good point" and goes on the call Joe.

Turns out, Joe's corp had been hit and the techs said, well if we got hit so did they, they are not as good as we are, because we have all the bells and whistles in place.

My CEO, then laughed out loud and told Joe that he would be happy to have his staff provide training to his folk......wow,

After that, and through an education program we were able to instill a mentality with Sr. Management that it was not a matter of if but when..............

Lucky for me, I stayed in that ISO role for close to twenty years.......(ooops, showing my age again)

Security is typically the last thing on their minds and only when bad things happen do they realize it's there so CISOs need to remind them of the risks, etc on a regular basis and yes getting time with them is difficult and sometimes impossible but persistence does pay off.

Re: I have seen this way too often ...

Steve-Wilme — Mon, 17 Feb 2020 08:57:53 GMT

I've been told viruses are a hoax by a CIO (my boss at the time) and that all us security folks are absolutely delusional ... And a couple of month later we got ransomware in the network via an outdated flash plugin, worked until 3am to clean it up and restore from backups. He shortly after went back to the delusional, there are no risks stance. You just can't reason with stupid.

Re: I have seen this way too often ...

rslade — Mon, 17 Feb 2020 10:12:53 GMT

> Caute_cautim (Community Champion) mentioned you in a post! Join the conversation

> A history lesson: the first use of the term "virus" was to refer to
> unwanted computer code occurred in 1972, in a science fiction novel, "When
> Harley was One", by David Gerrold.

Unfortunately, although the term virus is used, H.A.R.L.I.E. was not actually a
virus, or viral in any way, simply an experiment in aritificial intelligence.
"Shockwave Rider" talks about a "tapeworm," but, again, there is no sign of
replication. The first real fictional account of something with a viral type of
activity is probably "The Adolescence of p-1," published in 1977 (so it still
predates Fred's formal work, but doesn't use the term "virus").

> Fred Cohen formally defined the computer
> virus in 1983. It appears computer viruses were being written by individuals,
> although not named such, as early as 1981 on early Apple II computers.
> Apparently, In November 1983, Fred Cohen (then a doctoral student in electrical
> engineering, at the University of Southern California) presented the idea of a
> computer virus to a computer security class led by Len Adelman.

It was Len who coined the term "virus." Fred hadn't really given the concept a
name when he presented it, although his thesis and later dissertation used the term.

======================
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
"Robert Slade's Guide to Computer Viruses" 0-387-94663-2
"Viruses Revealed" 0-07-213090-3
"Software Forensics" 0-07-142804-6
"Dictionary of Information Security" Syngress 1-59749-115-2
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs: [Base URL]mnbksccd.htm
PC Security: [Base URL]mnvrrvsc.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
http://en.wikipedia.org/wiki/Robert_Slade
https://is.gd/RotlWB http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/

Re: I have seen this way too often ...

rslade — Mon, 17 Feb 2020 17:45:53 GMT

> dcontesti (Community Champion) posted a new reply in Career on 02-17-2020 12:55

> I have seen this but I guess I was lucky, very early on, a competitor called my
> CEO and said: "you have been hit with a virus" My CEO: flabbergasted and
> upset, called me. "his exact words.......WHY HAVEN'T YOU TOLD ME WE WERE HIT"
> My response "by what" or "by who" My CEO "well Joe from XYZ corp said we had a
> virus (specific name not important)" My response "not that I am aware of, but
> please give me 1/2 hour to check into it" About an hour later: My response "
> we have checked and checked and we cannot find any trace of that virus or any
> other malware in our environ"

Not exactly on main topic, but:
At one point I was doing some contract work for an outfit that did AV as a kind of
side issue. We kept getting reports from customers that "Symantec/Norton says
we are infected with X" (or Y, or Z). I spent many hours tracking down these
reports, and eventually came to the conclusion that Symantec was generating a
whole bunch of signatures for things that weren't viruses, and weren't even
malware. (Symantec never was my favourite AV when I was reviewing, and after
that I just ignored it completely.)

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
Not a few, perhaps the great majority of men, find it necessary,
in order to maintain their self-respect and a certain
effectiveness in their actions, to lower and belittle the image
they form of everyone they know. - Friedrich Nietzsche
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

Re: I have seen this way too often ...

rslade — Mon, 17 Feb 2020 18:21:59 GMT

> Steve-Wilme (Contributor III) posted a new reply in Career on 02-17-2020 03:57

> I've been told viruses are a hoax by a CIO (my boss at the time) and that all us
> security folks are absolutely delusional ...

Speaking of Norton, I remember when he was going around saying that viruses were an urban legend, akin to the "alligators in the sewers of New York," and then suddenly he was lending/selling his name to an AV product ...

Re: I have seen this way too often ...

isc2_16v — Wed, 29 Apr 2020 16:11:24 GMT

This actually happened to me too. I was the lead tech at a customer site. They had tons of issues/problems and over several years, I managed to clean things up where it appeared all I did was walk into the office and check the ongoing work orders and logs. After a while, the management would ask why I wasn't doing much. Before long, they let me go. Go figure. 🙂