Wednesday, April 01, 2009

The case for alternative intelligence sources and outside contractors

My client Michael Bagley of the OSINT Group is profiled in this month's Homeland Security Today, check out page 52:
One of Bagley’s constant themes is the utility of having an outsider challenging existing assumptions, particularly when it comes to hacking and network intrusions.
“Black operations require people to think this way” he argued. “Otherwise, there are no black teams. If we were all thinking the white way, the right way, we’d have no ability to counter these kinds of events or operations. It takes both kinds of people to work this way.”

Note -
Wanted: Computer hackers ... to help government
General Dynamics Information Technology put out an ad last month on behalf of the Homeland Security Department seeking someone who could "think like the bad guy." Applicants, it said, must understand hackers' tools and tactics and be able to analyze Internet traffic and identify vulnerabilities in the federal systems.

1 comment:

Stiennon said...

I agree. You need third party pen testing. Lots of talk lately that that is out-moded.

Just like there are usually cryptographers and cryptanalysts. Two sides two different mind sets.

The attacker looks for weak spots. The defender worries about everything.