There sure are a lot of "WTF are we doing?" posts going around
on October 18th, 2007 at 11:26 pmOK, I am not going to take credit for this (especially since no one credited me with starting it), but there sure do seem to be a lot of posts here lately about whether or not we are making a difference as info sec folk. I wrote a post early Monday morning about whether security nirvana existed and where we are going with all this product selling. Andy wrote about my post and asked where the leaders were (and thought he insulted me by making it sound like I was not a leader – which he did not and I am not).
But then I see this one from Rich which is referencing this post (which came before mine, so there you go) and it is followed up by Hoff’s declaration that information security should be called information survivability.
Sheeeeessshhhhh. Do you ever have one of those weeks when you wonder if it is worth it? 
Vet
There’s another over at Layer 8, which is my current fave. I *know* we’re making a difference. Look at what the attackers are having to do to beat us;
- Continuously re-engineer their tactics to avoid detection
- Shift from OS attacks to Application attacks because we’ve learned how to aggressively maintain the OS
- Shift to well-known, oft-used ports for C&C because we’re implementing egress filtering to block the C&C channels
- The list goes on…
Keep your chin up and your barrel steady. I’ve got another HEAT round locked and loaded for ya.
We definitely work in a frustrating and draining field. Thankfully, when one or a few of us get down and tired and worn out, there are others of us to encourage and bring us back up.
God help us if we all get depressed at once!