IT security staff have a job for life – possibly a grim, frustrating life
Black Hat founder warns of coming crisis
Black Hat 2015 Speaking at the opening of the 18th Black Hat security conference, its founder Jeff Moss warned the assembled throng that while they might have job security, they weren't going to have fun in the next decade.
"We are all employed for life," Moss said. "It's interesting, I see problems and challenges and on one hand am really excited, but on the other I just want to sleep."
The decisions made over the next five years will affect the use of technology for the next 30 years, and so far the signs aren't good, Moss said. What's coming is a mix of old problems revisited and new ones coming down the line.
For example, the crypto wars are back, he said, and a new generation of politicians and law enforcement officials are demanding backdoor access to cryptographic software, just as they did in the 1990s. It's up to techies to show them why this is a bad idea, Moss said.
A new problem is the rise of cyber insurance – in 10 years between a quarter and a third of IT security budgets are going to be taken up paying insurance against intrusion and not defending the network. Getting a payout when your system goes down is nice, but you can't run a business like that, Moss warned.
Software companies are also going to have to step up and take responsibility for their products, Moss warned. Without some kind of liability, the industry will still be in the same mess it is now in 20 years time.
"Boeing and Airbus are basically managing flying data centers and they operate under liability," Moss said. "An Oracle data center has no liability and that's not going to last – companies want a level playing field."
Software liability need not be punitive, but there must be some way to get companies to take responsibility for their flaws, Moss argued. Without that, nothing in the industry will change.
This is the biggest Black Hat yet, Moss said, and it was up to every attendee to go out and advocate for change. Hacking is fun, but unless those who do it step up to the plate, he warned, things could get very grim for the next generation. ®
Sponsored: Becoming a Pragmatic Security Leader