The Daily Incite - February 8, 2007
February 8, 2007 - Volume 2, #24 (RSA Day 3)
Good Morning:
SAVE LARRY. When I heard Larry Ellison was "sick" and couldn't make his scheduled keynote, the classic movie "Ferris Bueller's Day Off" popped right into my head. I just imagined two parking attendants tooling around in his Ferrari, while he checked out the art in the San Francisco MOMA. The rest of us are sitting there while Ben Stein is on stage going "Ellison. Ellison. Ellison." Seriously, I hope Larry feels better, but it was strange justice and $150,000 is a lot to pay for two product guys to give a keynote.
I'm also with Martin (here) in that the Security Bloggers meet-up was a great time. It was really cool to meet so many folks that I interact with every day. I'd love to list out all the folks I saw, but inevitably I'd forget someone. Suffice it to say, all of you blogger types add to the conversation and it was really a pleasure to meet many of you in person.
I'm also finally done with my speaking gigs at RSA. 3 is a lot in one week, but it was fun. Yesterday's UTM Smackdown session did live up to the hype. Especially when Shimel landed a haymaker on Alex of Astaro regarding contributing back to the open source community. Thanks to Alan, Alex, Chris Hoff and Stiennon for sharing the stage with me.
As fun as the UTM Smackdown was, my P2P session on "Successfully Selling Security Strategy" was fantastic. It was a full house and we had a great conversation about the challenges and successes that CSOs can have today. It was also instructive to chat with some mid-level security folks too, who end up having to give a lot of the information to their bosses. The Pragmatic CSO process is very applicable, and continues to give me validation that it's the right approach to success in these crazy times. Remember, if you are at RSA, you can pick it up at the bookstore or as always order it here.
Have a great day and tomorrow AM I'll catch up on covering the blog posts from this week.
Top Security News
Step 8: Contain the Problem
So what? - This summary of an RSA panel here on handling a data breach is exactly right. Exactly. You need what I call in the P-CSO a "containment plan." It will make the difference between living to fight another day in the event of a breach or looking for your next job. There are some good ideas here (especially making sure you have your own lawyer - just in case) about structuring the plan and then communicating with external parties. If you don't have a containment plan, that should be pretty close to the top of your priority list - FOR TODAY.
NAP takes mind share lead
So what? - NAC once again is high on the list of RSA activity. This time it's a number of vendors that decide to take a NAP. Microsoft NAP that is. Is that kind of like a dirt nap? Time will tell on that one. But folks like Applied Identity (here), Bradford (here), Lockdown (here), and Vernier (here) jump on the NAP bandwagon. Why? Because Microsoft is not a "direct" competitor to folks that make appliances. It's not like there is a lot of value in these vendors focusing on Cisco's framework or even Juniper's - I mean - the industry TCG initiative. So I think ultimately NAP will win the hearts and minds of everyone that isn't Cisco and Juniper. That is until Microsoft kills them off by doing access control at the OS layer. I can just imagine a bunch of folks in Redmond hanging out in Dr. Evil's lair laughing as the bit haulers fall right into the trap.
What Larry would have said
So what? - Even if Larry Ellison had shown up to do his keynote, what would he have said? Probably along the lines of "don't worry, be happy and Oracle will take care of everything - you silly security folks." Their positioning has been very Apple-like for a long time, again born out of an arrogance usually not found anywhere. Like this release here, which focuses on some more embedded security for PeopleSoft apps. Clearly it's about controlling the entire stack for Oracle, which theoretically can yield a secure system - IF YOU DO IT RIGHT. There is nothing I see that indicates Oracle is getting it right. I've said it before, but Oracle is where Microsoft was 4 or 5 years ago. Ignoring the security issues, trying to pacify the security community by belittling them, and generally sticking their heads so far into the sand they are probably eating some Egg Drop soup in Shanghai. They will get it and it will be painful for them - once they start losing business because of security. And they will.
The Laundry List
Barney comes to visit RSA and McAfee, who both insist they are not Big or Yellow - here
Big Yellow takes a taste of the liquid (machine). Tastes like chicken - I mean DRM - here
Shavlik says hasta la vista - here
Cisco takes open source to the Meetinghouse - here
VeriSign drinks the Qualys milk (so they don't need to buy the cow) - here
Sophos battles the mobile malware threat (what threat?) - here