






Follow the Yellow Brick Road to Automation and Best Practices



As we head into the fall, I can’t help but think about the Wizard of Oz.
Deep inside the security of the Emerald City, Dorothy and her friends finally
make it past the evil witch (malware), past the guards at the gates (firewall)
and finally into the heart of the city (data center) where they meet the
Wizard – I presume you are that Wizard.


If you are a cyber security expert or a CIO or an IT manager – if you are
the champion of security of your network, you have to play Wizard of
Oz and create an image that you are ‘magical’ and ‘bigger than life’. But in reality, behind the curtain you
are really just like the rest of us – a fallible human with all the tools at your disposal to do the best job you
can to impress others that your ‘castle’ is secure. In reality, to truly be an IT Security Wizard, you have to
build up strong defenses and get one step ahead of the next threat. This requires more than ‘smoke and
mirrors’ but actual best practices and as much automation as you can muster so you don’t have to keep
tinkering with the tools to create a ‘projection’ that you are the Wizard.


In this edition, we follow the Yellow Brick Road and work our way down a path that is more challenging but
the results should be an incredible information exchange where you gain knowledge from our expert
writers in each area of infosec that needs best practices and as much automation as possible. Some of
my favorite automation tools are intelligent alerts by taking the time to properly set up your Security Events
Information Management (SEIM) system or patch, configuration and vulnerability management where one
click gets many systems properly hardened and updated.



But even with the best automation, we still must practice what we preach. We need to review all aspects
of INFOSEC to make sure we aren’t missing a gap. The biggest gap I’ve
found is in trusting and fallible humans. We’re all so trusting. This
opens doors to social engineering, remote exploitation and malicious
insiders. If you don’t train others to help you get one step ahead of the
next threat, you’ll be working your magic with ‘smoke and mirrors’ while
the evil witch steals your crown jewels in your Emerald City.


To our faithful readers, there’s no place like home, there’s no place like home and CDM is ours, together,
Pierluigi Paganini


Pierluigi Paganini, Editor-in-Chief, [email protected]

Cyber Warnings Magazine - September Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide