Many people have been full of interest in Linda McCarthy for: "How did you be a hacker?" She is currently the security product company Symantec's CTO office to perform security consultants, the position seems to be "from the lord". "I know that the hacker you say means those who run to someone else and make destruction. In this case, I tell you, I am White!" McChazi defended himself, "I said that I didn't seem to Like a hacker. "
"I am White"
Talking about "hacker", people feel that it is a bit complicated. Generalized speaking, "hacker" is born in the 1960s, the original representative of the group of love technology and freedom, likes to study the Internet and computer technology, familiar with the IT technology elite of the operating system and Internet vulnerabilities, so there is "hacking" This is a passionate vocabulary. However, especially in the domestic, "hacker" words are directly equal to the destroyers and terrorists in most people, which is actually a "hacker on the narrow sense". As a result, McCati is self-employed in "White".
For a while, McCati's work was once tried every day to invade a variety of networks. But she is not to engage in destruction or show off their own ability, but employed in some companies to detect their system security.
Earlier, McCarthy did some teaching work in Sun, and her professor includes hardware architecture, system management and security. In these professional IT technology fields, the "gray" field in security issues caused her attention. For example, this "gray" area is how to attack it for a vulnerability of a system, invading this system and gains a lot of access. This is naturally a professor in class, but it is interested in McCartin.
Due to the research experience of McCarti in the "gray" field, plus the education and the responsible training work, Sun's internal audit team decided to hire her to do this invasive system testing. Her responsibility is to check the security of this company to be distributed around the world, see if they can break through the invasion of these systems, thereby finding the weaknesses of the system, found that it will become safe. Combined with her award at the time of the high-level management of many companies, McCarthy started to provide such an "invasion service" for more companies. She has some invasion from the perspective of teaching, I hope to let her students - those executive personnel understand how their company's vulnerability will be hacked, what will be constructed. Threat.
"From the perspective of protection systems, I think this work is very exciting. I can think of forward-looking thinking in the future, ensuring that my idea is to lead the hacker, at least a good lead A few steps. "McCarthy evaluated his" hacker "work.
In fact, it is much easier than a security personnel than a security personnel than a security person. Security issues are actually the "asymmetrical" war between hackers and security people, and defense is more difficult than attack. Whether the current enterprise is equipped with a well "copper wall iron wall", the security company will make a proposal for them, just like the "Troubled Helicopter" in the Iraq war, although its authenticity is to be certified, no one denies its possibilities. Moreover, this possibility is now getting bigger and bigger. McCarti said: "I am in six or seven years ago, I need to invade a system when I work for Sun, because I have to spend more time to develop specific intrusion tools. And now this kind of tool It can be downloaded on the Internet. "So now there are many" two streams "hackers on the market, they play a hacker role by hacker tools downloaded online, very" convenient ".
But as a security personnel, McCartin's work is not just that the intrusion attack is then simple. She must finally understand what hackers should do, and prepare for this, and this is quite difficult in reality. However, McChaki has brought huge changes to her thinking model for many years. She can think about hackers.
"Lobby" in the enterprise
In a company in California, McCarta is doing something for their chief security officers. This company has only one signature-based identity management product in intrusion detection. McCarthy has installed a test program based on an agreement outside its firewall, and a total of 80,000 attacks have been identified in 30 days, and this small test procedure is only "grab" to all of all attacks. This company has ignored security issues due to insufficient funds, and McCarthy admires the company's high-level, and finally funds millions of dollars in security to strengthen intrusion detection. This is the most manifestation of the self-value in McCartin's mind. In the actual work, this is the case, the experience of invading others is indeed a rich technological accumulation of McCarti, but she has a safe threat to the face today, the structure is stronger, the technical content is higher. The destructive is more destructive, and she doesn't have much time to compare the incidental problems you encounter now with the past. Compared to solving emergencies, she is more about to envision of their own threats that may be encountered in the future, and the future attack will be what will be, and these are the most persuasive things that are dangerous. The best material for people.
"This is very important. If executive personnel are not persuaded, they will not put funds for these actual security issues. These people are always busy with some specific business problems." McChaxi said, "I have passed" That paragraph and the unique work experience allows you to treat safety as a business problem, not just a computer computer problem. "Facts prove that" hackers "experience help McCarti better communicate with the company's high-level communication security issues, It can also be easily communicated with home users.
Now, McCartin is more concerned about how to take out safety products faster, better completion of education, "especially in education, I also make sure that my idea has a leading thinking about hackers." She is currently working under the CTO of Symann Termace, and the various new projects that are usher in the Chief Technology Officer are operated by McCartin. In addition, she also launched some new business plans within Symantec, such as Symantec Publishing House. Among this publishing house led by Chief Technology Officer, McCarti participated in most of the work, helping publishing houses continue to launch some security in the market, while facing business executives and technicians.
McCarti is launched by various ways to start her "lobby" work. In addition to lecture and lectures, she wrote "Information Security - Enterprise Resistance Risk". The main purpose of this book is to tell how to build world-class information security organizations, and McCarthy is still aware of the view of security experts with typical cases of her abdomen. When I started planning to write this book, McChak's blueprints were not a matter of the finished product. She suddenly realized that the previous idea was not right after signing the contract, because she could not help quickly. The company's senior management personnel to solve security issues ", so we started. In this way, the time left to McCarti is only six months. She can't lose her full-time job, and Symantec also assigned a new project to her - Implement a new security product. Therefore, she can only spend a lot of spare time to write books.
Whether it is written or less, McCarthy really hopes that "can fundamentally change people's thinking about information security." Just as the one mentioned earlier, more than 80,000 attacks, but not self-known California companies, McCarthy may look at such people and the company, and the thinking model is a primary problem. She said that her future work plan first is to build Symantec Publishing House into the largest publishers in the security field, and then they will have a book.
