The first question I asked Vlaho was whether he could tell me something about himself and how he got into the cyber security consulting world. He told me that in the beginning he started out learning software development; he was just another kid interested in the art of programming and in how components work. He worked on several small projects to help his friends with daily tasks, and as he progressed he started to build powerful software packages for commercial clients. In 2004 he became interested in penetration testing and the security field. He told me that 2004 was when his real journey into the computer and network security world began.
After learning a little about his motivation and his background, I asked him what he thought about the Sony Network breach and how he thought Sony should have reacted.
He told me that when you buy a PS3 you should be the real owner of the console, meaning that if you wish to crack it, trash it or break it, you should be able to do that because it is your own property. You paid for it!
“If I punch you, you will return a punch back, right?!”
Vlaho believes that Sony did not take its responsibility to protect its networks, and that it has now lost a lot of customers and trust. He also believes that Sony should hire people who can protect the Sony networks.
Next I asked him what his biggest concern was regarding cyber security for governments and companies. He told me that information security is one of the biggest problems we have to deal with daily. He believes that companies should invest more in security than in marketing. He also mentioned that companies don’t hire the right people to do the right task.
He said that if you take a look at the Sony breach, we should be thinking of information disclosure attacks.
I asked him about his thoughts on the Stuxnet incident, and he told me that this worm is not so different from others. But he did say that you would need more than one excellent computer expert to create such a worm. He took a look at the code and said that the worm targets high-level industry components.
The interview went on and we landed on the change of culture in the hacking world and how hackers approach their targets. He told me that if you go back to the 1990s, you will see that there were not a lot of tools available at that time. If you wanted to hack something, you had to have knowledge of it. But in the current world we have a lot of utilities that we can use: think of BackTrack, Metasploit and the internet.
In the world of cyber security, cost is an aspect that you always have to think about. I asked him if he believes that educating employees will reduce the cost of cybercrime. He replied that there is always a way to reduce the cost of cybercrime. He believes that the first step is to educate the personnel with high-quality practice and courses on how to act in the field.
“You can have the best hacking tools on earth, but if you don’t know how to use them -- you are nothing.”
He told me that having CISSP (Certified Information Systems Security Professional) employees in your business will help you in securing your business and reducing the cost of cybercrime.
He told me that hacking is not a job or a career; it is a state of mind and the way you live.
The interview ended on the question of whether we need a security network community for cyber security specialists. He told me that he is part of the Cyberwarzone community, that he believes in the news filter module, and that the community will be a great source for security engineers.
I thank Dalibor Vlaho for participating in this great interview and giving Cyberwarzone the opportunity to have this great conversation.
Interview by: Reza Rafati – CEO
