Shifting the Burden: Long-term Magnifying Consequences

F5 Lab's Ray Pompon writes for Help Net Security, discussing how many of our security "solutions" actually just create more work and shift the burden for actually addressing the problem farther down the line.
January 22, 2019
1 min. read

Computer geeks love their acronyms. Here’s one more: TANSTAAFL. There ain’t no such thing as a free lunch. No, I’m not talking about the grilled Alaskan salmon meal you got while playing on your phone instead of listening to the vendor pitch. I mean that if we want better security, someone has to pay for it. And it’d be better for all involved if that cost was made clear to everyone, especially those footing the bill. But a lot of that cost is pushed around instead of paid by the person eating that lunch.

Here’s what I mean: the security scan turns up a bunch of holes, generates a report, the security team hands it to IT to patch all those systems. Congratulations, the security team has now completed a tiny sliver of the real work needed to be done. Just applying a single patch in a running business can involve investigation, testing, integration, and downtime. And that’s assuming the patch works as advertised and doesn’t break anything.

Read the full article published January 7, 2019 here: by Help Net Security.

Join the Discussion
Authors & Contributors
Raymond Pompon (Author)

More from Learning Center

Forward and Reverse Shells
Forward and Reverse Shells
09/15/2023 article 5 min. read
Web Shells: Understanding Attackers’ Tools and Techniques
Web Shells: Understanding Attackers’ Tools and Techniques
07/06/2023 article 6 min. read
What Is Zero Trust Architecture (ZTA)?
What Is Zero Trust Architecture (ZTA)?
07/05/2022 article 13 min. read