Infosec 2015: White-hat hackers need to learn computing basics

Security professionals will need to have a greater understanding of computers at a deeper, more fundamental level if they want to defend against cyber attacks, claimed James Lyne, global head of research at Sophos.

Speaking at a keynote presentation at the Infosec show in London, Lyne said that as cyber attacks became more nuanced and complex, security researchers and pen testers would have to broaden and deepen their knowledge of computing principles.

Lyne, who is also the director of technology strategy at SANS, said that security tools used by the industry have made security professionals "more tech savvy than ever before", but at the same time, this has "disconnected" them from computing principles.

He argued that this was a "missed opportunity for forensics and for better pen testers".

"We are an astonishing group of techies, but this tech has become far more of a black box than ever before," he told delegates.

In the early years of computing, it was harder to simply use PCs - but that's not the case anymore. "This leads to a lack of understanding of the underlying computing principles," he said.

Having more knowledge of how PCs worked underneath the hood would enable security professionals to react more quickly to cyber attacks and allow penetration testers to spot exploits before the hackers did.

Lyne said that as computer security improved, hackers have had to become more sophisticated, and this has led to a gap in skills between the black hats and the white hats.

Lyne said that it used to be easy to trick a computer by modifying memory and there was "little to stop" hackers.

"A large section of the security industry came about because of Microsoft's terrible decisions that allowed memory to be manipulated," said Lyne. But now, with mitigations in place, modern exploits require more knowledge of computing at a low level.

He told delegates that they should not be afraid to read up on key exploit basics and this would help IT departments to get better at understanding and responding to threats.

Rene Millman

Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives.