Security Lessons Learned From Varroa Mites
Taking an integrated approach towards our threats in security
One of the biggest threats to the Honeybee is the Varroa Mite. I’ll spare you the details on what it does, but the biggest takeaway is that they do not go away. It is just a fact of life it seems that Varroa mites are to be expected in a honeybee hive. So one must test and treat accordingly. Varroa treatments use chemicals and may have a short term adverse effect on the hive, but are of course good in the long term. One issue though is that varroa mites can become resistant to treatment. The key is “Integrated Pest Management”, where you take multiple approaches to managing varroa mites. Other industries have this such as Integrated Medicine.
In the security world we have lots of varroa mites that are a fact of life and will likely never go away. It’s about taking an integrated approach toward managing each of these mites. Let’s go over some of these mites that likely will never go away:
Malicious websites (Drive-by downloads)
Lost and stolen devices
Supply chain attacks
All of the above are examples of security threats to our information systems. They will not go away, but there are many things we can do to minimize their impact to us. As with varroa though, we need to adapt and try different things as a resistance can easily develop.
Maybe in the future I can go over an integrated approach to a threat we have in infosec.