RealSecurity

Before you unplug your computer, hop off the grid, and go buy that S&W M&P 15 you’ve been eyeing at the local gun store because you’re convinced the government couldn’t stop a thirteen year old with an iPhone, let’s look at this result a little deeper.

Depending on whom you are speaking with when the topic of cloud computing surfaces you will certainly get a number of different perspectives. As I’ve shared in past writings, cloud computing is generally quantified into one of three buckets: revolutionary, evolutionary, and more of the same. While the first two have merit, it is the last one I feel is a bit short sighted… and here is why.

It is one thing to talk about securing a system, but quite another when determining how much and to what depth security should be applied. All too often we talk about securing something, but do not necessarily do so in a proactive manner based on a consistent model. Moreover, one that takes into consideration of the entire system, not just the server, but the network, interactions with other systems, applications, and data stores. DIACAP is an evolutionary approach to certification an accreditation that sets a common criteria of security that takes into account the broad, interconnected nature of today’s technology infrastructures.

Chris Evans of Google Chrome Security announced on a blog post last Thursday they will pay $500 to anyone reporting interesting vulnerabilities with Chrome. And with a little wink to the hackers, a potential reward of $1337 is being considered for the really interesting findings. The question it seems that has been raised is: is it a good idea or is Google subsidizing the development of tomorrow’s hackers?