The InfoSec Man Cometh

(After Flanders and Swann - music and score here)  'Twas on a Monday morning the firewall wasn't right -A distributed denial of service had given it a fright.It's OK for those Jericho guys, they threw firewalls away (1)And when DDoS attacks...

Share

(After Flanders and Swann - music and score here)
 
' Twas on a Monday morning the firewall wasn't right -
A distributed denial of service had given it a fright.
It's OK for those Jericho guys, they threw firewalls away (1)
And when DDoS attacks come round they enter the cloud and pray (2).

 
Oh, it all makes work for InfoSec to do.
 
' Twas on a Tuesday morning our identities expired -
Our Active LDAP directory suite had caught malware and fried.
De-identification through use of Blind Public Key (3)
Would spread control to all about and delegate authority.

 
Oh, it all makes work for InfoSec to do.
 
'Twas on a Wednesday morning the trojan botnet came.
Zeus or Haxdoor or Zbot, we didn't know its name.
It plundered all our networks, sent our data into space.
We wish our AV package had whitelisting now in place.
 
Oh, it all makes work for InfoSec to do.
 
'Twas on a Thursday morning the log files overflowed,
Just as the PCI audit revealed the bill we owed.
We couldn't pay by credit card, we'd lost the decrypt key (4).
Protected Open Data would have fixed all this for free.
 

Oh, it all makes work for InfoSec to do.
 
'Twas on a Friday morning we went into the cloud.
Since MARTINI (5) computing in work is now allowed.
But that day the Martini got both shaken up and stirred
As our SAML connector just would not say a word.

 
Oh, it all makes work for InfoSec to do.
 
On Saturday and Sunday IT worked over through the night.
But 'twas on Monday morning that the firewall wasn't right...

Andrew Yeomans, Jericho Forum board member
 
Notes:
(1) Not strictly true, see https://www.opengroup.org/jericho/deperim.htm
(2) Luke 9:34 "They were afraid when they entered into the cloud"
(3) https://www.opengroup.org/projects/jericho/uploads/40/8293/2_-_JFChallenge_Yeomans-DrKW.pdf
(4) "2008 - The year of lost data (UK); 2009 - The year of encryption; 2010 - The year of lost encryption keys" Daniel Dresner
(5) Multiple Access Real Time IP Network Implementation

"Recommended For You"

The IQ divide... Why your security stinks