In Depth

Security Mavens' Reviews of Firewall

We invited some of our friends in the security field to review the new movie about a heroic CISO of a midmarket Seattle bank. Stars Harrison Ford. What could be wrong?

By Lew McCreary

Page 3

Harrison Ford portrays "Jack Stanfield," a bank CISO with true grit. Many of us who have had the honor and privilege of developing, designing, implementing and managing a security operations team, take great pride in what we do. We believe in the work and the people who are part of our teams. This movie hits that part of it straight on. Because of Jacks dedication to his corporation, team, customers and family, he becomes a target of ruthless thieves. I could project myself into the middle of this since I, too, have great pride and integrity when it comes to my profession. Fiction is fast becoming a reality. Biometrics, federated identity badges, the piecing together of shredded documents, etc. This is all real.

Perhaps the next mandatory level of defense that security professionals should undertake and learn is "self defense." Having security and using security are two different things, and you must do both. For instance, the Stanfield familys home security system was disabled when the fake pizza delivery (really the bad guys) arrived; logging onto the banks systems with a single badge (true corporations do have this level of access, but its usually coupled with another level of authentication, such as a PIN or fingerprint scanner). This just shows that even the most intelligent and paranoid security professionals can let their guards down when their organizations and operations begin to flow smoothly.

Security is and always will be a 24/7 activity, and it will always require human intervention. Therefore, it will never be 100 percent assured!

BIO: Pamela Fusco is executive vice president and head of global information security for Citigroup. She has formerly held infosecurity leadership positions with the pharmaceutical giant Merck and with Digex, an Internet service and hosting provider now a part of MCI.

DENNIS TREECE:

Bottom line up front: The research the crooks did on Jack failed to turn up that in the Thirties, he went by the name Indiana Jones!

"Firewall" is a moderately entertaining movie that treats the banks head geek with a truckload of respect while falling into the standard movie "appearance" of computer genius, probably because the real thing would never appeal to movie audiences.

"Firewall" drags a bit in the middle, like most movies, but overall I was entertained and pleased with the death of the bad guys and the relatively happy ending. Theres nothing like virtue being rewarded after a battle between good and evil.

That said, it did ring hollow in a number of areas, both social and technical.

firewall movie

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Security Directions: A Virtual Conference

Security Directions Available On Demand Sept. 30 - Dec. 30

Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.

» Register Now

WEBCAST
Protecting PII: How to Work with IT to Manage Risk

Compuware Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.

» View this Webcast

Featured Sponsors