Friday, November 26, 2004

Fighting a moving target

Here's a thought (tell me if you think I'm way off): buying one-time products, either hardware or software, to fight spam and malicious code is a bad idea. Your purchase becomes obsolete as soon as what you're fighting changes tactics. Instead, you should use a product/service that is either community driven (e.g., Snort, ORBS, etc.) or is subscription-based (e.g., McAfee, Symantec, etc.).

I don't have that previous paragraph worded the way I'd like it to be but you get the idea.

Thoughts for articles/papers (feel free to borrow):

  • networks that adapt to a new threat faster have a better survival rate
  • the need for adaptive technologies to fight security threats (even if it's the ability to script "in the middle")
  • the need for trained personnel to use those adaptive technologies
  • what technologies still need adaptive capabilities