Compass Awards
Pethia: InfoSec's Challenges, Changes
CERT-CC founding director Rich Pethia reflects on old IT security issues, and the ones CISOs are facing now
By Joan Goodchild, Senior Editor
March 24, 2009 — CSO —
A lot has changed in the 20 years since Rich Pethia first took the reins as director of Carnegie Mellon University's Computer Emergency Response Team (CERT). CERT, which was initially launched as the first Internet security response organization, has evolved over the years to focus more on a research and training role. Pethia, a CSO Compass Award winner, spoke with CSO about how much IT security and vulnerabilities have changed in two decades.
CSO: CERT is celebrating its 20th anniversary this year. Tell me about those early days when you first started?
Rich Pethia: Back in 1988, when we started, the Internet was probably about 200,000 systems in total and almost all of them were here in the US. Most were in university research labs, some in the government. A few were in the private sector, although commercial use was not yet something that was done with the Internet.
That year a graduate student at Cornell University let loose the first Internet worm, which over a period of ten or 12 hours clogged enough machines and started putting enough traffic on the network that the network was bogged down and useless for any activity. So researchers around the country that were responsible for really putting the Internet together, along with their sponsors in DC, which at the time was the Defense Advanced Research Projects Agency (DARPA), sort of self-mobilized and understood they needed to capture this piece of malicious code. They reverse engineered it, they understood what vulnerabilities it was exploiting, and they got patches out to everybody. Following that event, eventually the network was up and running.
There were a whole series of meetings in Washington, DC about what to do about these kinds of things. The thinking was that this was probably the first of what would be a long series of problems with the Internet. So DARPA decided to establish the CERT Coordination Center, and our initial charter was to be a response center for anyone on the Internet that had security problems.
In the early days we spent time getting to know the network service providers, getting to know the organizations that were connected to the Internet, coming to understand what operating systems were being used, what protocols were being used. Over the course of the first year, we probably responded to only five or six incidents. Most of them were break-ins of one kind or another because people were just curious and trying to understand how far they could push their break-in techniques. In some cases there was malicious intent. But it was really a very low-level activity in the first year.



