Spooks-as-a-Service Swarm RSA Conference

itwbennett writes "As the list of victims of sophisticated cyber attacks expands, so does the need for specialized, high-priced, and hard-to-find talent to help investigate and recover from those attacks. The latest solution: hosted services offering access to cyber intelligence and incident response. 'At the RSA Security Conference this week, companies large and small are trumpeting the spy agency connections of senior staff as never before,' writes Paul Roberts. 'These new offerings — think of them as spooks-as-a-service — typically combine some degree of network and endpoint monitoring with a cloud-based management platform to gather and analyze data against data aggregated from other customers and third-party threat intelligence.'"

What, me worry? Mad Magazine called it...

[rts008]

Spy vs. Spy slapstick at it's finest.

This world is getting so ludicrous, it makes those 1970's acid trips seem tame in comparison.

Re:

[gIobaljustin]

That might be the case, but it might also not be the case.

It's never a slapstick

[Taco Cowboy]

Spy vs. Spy slapstick at it's finest.

Before this, whatever we put online we have to worry about the spooks from China as well as the spooks from NSA.

Now, we have to worry about the spooks from China, spooks from NSA, and the RESIDENT spooks.

Whatever you want to call it - progression or regression - I call it scary.

Re:

[icebike]

Now, we have to worry about the spooks from China, spooks from NSA, and the RESIDENT spooks.

I agree, hiring someone who wasn't good enough to keep his job at the NSA/CIA to protect your business, seems sort of crazy. They can't even use the knowledge they might have gained while employed there. Employing one of these guys probably attracts more interest in your network from those three letter agencies.

And farming out yet more of your network to cloud providers and web based services just seems risky. Web based! Nobody has broken SSL right?

Don't understand

[Anonymous Coward]

Aren't the spy agencies the ones doing most of the cyberattacks ?
Why do I want them associated with my security company ?

Re: Don't understand

[gruntspeak]

What you need is a Tracebuster-buster, yo.

Re:

[anubi]

In this modern land of anything goes I offer what we all need is a good, solid, minimal, and highly secure PUBLIC foundation system, of which we are all made very aware of exactly how it works, much like I had to "suffer" through years of English classes. Such a system would include a knowledge of HTML, TCP/IP, and a basic windowing system. Have this core system thoroughly understood and bug-free.

If webmasters conform to this, we should be able to limit the amount of hostile code released as there is n

Re:

[Anonymous Coward]

Aren't the spy agencies the ones doing most of the cyberattacks ?
Why do I want them associated with my security company ?

That's a nice little network you have there. It would be a shame if something happened to it.

FUD sells

[dutchwhizzman]

With all due respect, but most companies don't need this, they need to get and keep their IT secured and that should be enough.
If you *do* need this, you may not want to rely on a third party to provide you with this sort of service. Your assets are probably way too valuable to solely rely on a third party. The only reason you may want them is to keep tabs on the performance of your own resident spooks and SpookWare(tm), not to entrust the future of your company upon. While I do see a place in the market for these companies, the way they sell themselves is despicable and makes companies act lax and irresponsible towards having their security sorted out properly.

Cyber-war Profiteering

[Burz]

That's what it sounds like: Playing both sides.

WTF???

[Anonymous Coward]

Regardless of your connections as a businessman, you're not getting information out of a spy agency.

I also would trust anyone who claimed they could.

I also wouldn't trust the spy agencies not to be behind this as well.

Re:

[Anonymous Coward]

Exactly what makes you think that spy agencies won't give information to corporations?

Live long and prosper

[Zardus]

I read that as "Spocks-as-a-Service". That'd be a waay cooler market.

ISIS called

[drewsup]

They want Archer back !
in all seriousness, will this lead to multiple independent spy agencies ala Control, KAOS, ISIS? That cant be a good thing.

NSA conference

[Threni]

No-one's ever going to trust the NS..sorry, RSA again - might as well big-up the whole "we're in it together" thing while it lasts.

Refresh My Memory, Please...

[BlueStrat]

What was it you called a country where the government and powerful, "connected" private business interests merge?

Ohhh, silly me! *Now* I remember!

A Fascist Oligarchy, of course!

Welcome to the DRNA comrades! (Democratic Republic of North America) The new flag will be a black silhouette of a boot stomping a human face on a blood-red background.

Just wait until they run out of money they can rape from the domestic economy and begin a policy of international aggression to keep their hookers and blow flowing. The world is going to burn.

Strat

The old revolving door trick

[rmdingler]

I just hope this doesn't become the IT equivalent of defense contractor morphing into DOD consultant and then back again.

reformed?

[jbmartin6]

Why would you trust one of these clowns? This is kind of like trusting a 'reformed' black hat.

say what?

[slashmydots]

The one and only definition I know for the word spooks is an offensive, racist term for black people. What exactly are they using it for?