Martin Roesch is one of the giants of the security industry: a hacker in the truest sense of the term who, in the late 1990s, created a wide range of security tools as a way to teach himself about information security. One of them, the open source SNORT intrusion detection system, turned into one of the most widely used and respected security tools in the world. SNORT became the foundation for Sourcefire, the company Marty helped found in 2001. And Sourcefire went on to fantastic success: first as a startup, then as a publicly traded company and, as of October of last year, as part of Cisco Systems, after the networking giant bought Roesch’s company for $2.7 billion.
These days, Marty serves as a Vice President and Chief Architect of Cisco’s Security Business Group, where he’s helping shape that company’s strategy for securing the next generation of enterprise (and post-enterprise) networks. I had the chance to catch up with Marty a couple weeks back. We talked about the origins of Sourcefire and Snort and, also, about how the security context and conversation is changing to suit our modern context of borderless networks and ubiquitous, intelligent devices.
The Internet of Things presents a boggling array of security and privacy challenges for modern organizations. Just scanning a network to identify threats or suspicious behavior won’t be possible once the world has shifted over to IPv6, he notes. But adjusting to the IoT requires pragmatic and incremental changes to IT security practice, not revolutionary ones. Sure, anything with an IP address (HUE lightbulbs, anyone?) might feasibly be used as a platform for attack or to hide stolen data. Realistically, though, companies will need to address less exotic threats, like employee use of third-party sharing sites like Dropbox, Evernote and Box.
Check out our conversation by clicking on one of the links below!
Listen on Security Ledger
Listen on Soundcloud.com