Fear, Uncertainty, and Doubt. It’s time we banish it for good in the security community. We need to be data-driven. Let’s make smart security decisions based on facts and risk tolernace vs. fear of the boogeyman.
Attempting to block IP addresses in order to target specific applications or services is like using a sledge hammer instead of a scalpel in surgery. It’s just not effective and there is a ton of collateral damage. That’s what has happened this week with the Russia/Telegram dispute.
During RSA US 2018, one topic kept coming up in conversation; are we focusing on the basics enough? Every year at the conference, there is a huge push around the latest and greatest challenges and technologies. That’s important but can we ever really move forward if we’d don’t improve the security baseline for everyone?