Last week there was a rather detailed post on the attack at RSA. It is well worth a read because I think many of the techniques employed in the RSA attacks have been or will be employed against ESPs.
Early in the article, the author asks a question.
These companies deploy any imaginable combination of state-of-the-art perimeter and end-point security controls, and use all imaginable combinations of security operations and security controls. Yet still the determined attackers find their way in. What does that tell you?
It tells me that the weakest link has been and always will be the humans. And, lets be honest, for all my ranting about how ESPs are behind in the realm of security, if a company as security conscious and aware as RSA can get cracked like this, none of us are safe.
I’ll be honest, I don’t know what the answers are. Security is not my area. I do know we have to do better.