Quick Incites - May 29, 2007
i hope everyone had a wonderful long weekend (if you are in the US, anyway). It was great to spend the weekend with family and friends and pretty much unplug. Since it is a short week, and I don't expect a lot of new news - I'm going to take it easy and spend a bulk of the week wrapping things up for the upcoming P-CSO bootcamp (next Wednesday, June 6 in Atlanta - only two seats remain).
So I'll just be jotting down some quick Incites this week. The full Daily Incite will resume next Monday, June 4.
Sclavos Out - VeriSign's Stratton Sclavos stepped down today, for undisclosed reasons. Check out VeriSign's press release.
Deal: Google buys GreenBorder - As Google dips their toes into security, it'll be interesting to see what their big plan is. As reported on the Googling Google blog, Google has acquired browser virtualization vendor GreenBorder. Hmmmm. Could this be the "overlay" that will securely house Google's Web-based suite of office automation applications?
Sorry Hoff, It's all about the data - Instead of kicking back over the holiday weekend, my favorite Knight Rider (MCW - it's Chris, not David (Hassle)Hoff) was thinking big thoughts on the future of security and declaring that Network Security is Dead. Per usual, Chris is on the right path. But I don't think he pushes it far enough. I agree that we need to bolster the host defenses, though I don't think that means we go all Jericho and forget about the network. Though most of all, I think we need to do a much better job of securing DATA. Devices come and go, and the first 15 years of security were all about the DEVICES (and now with virtualization, they don't even really exist). I believe the next 15 will be all about the DATA. I don't quite know what that means, but i have 15 years to figure it out, no?
Where is that mail order PhD? - What fun would today be if I didn't poke someone in the eye. This time, it's the fine folks at Symantec, who published a pretty incomprehendible blog post called "Because that's where the money is." I get that social engineering is the best way to compromise folks information, and has been for decades. But what is the answer? Oh, it's making sure your own machine isn't compromised, which means an endpoint security suite, which is Symantec's cash cow. Huh? And most normal people will have no idea what a "compromise" even means. Weak analogy, weak thinking, weak post.
And on that fine note, enjoy your day. I'll have a few more Quick Incites tomorrow.
Mike:
Of course it's all about the data, but we already know that. The blog I posted was meant to be contentious regarding the point that supposedly the network is going to save us all -- it's not. More and more security is going to end up back in the "host" -- whatever and wherever that means. Virtualization is going to affect the definitions of the two latter locations, as you so astutely pointed out.
I wholeheartedly believe and have stated time and time again that security decisions need to be made on content in context, but we're further away from that when approached from the network side than we are from the host side...for a little while longer yet. There are some intriguing intersections between IP Leakage, Data Classification, DRM and Content Security coming.
If you read the Jericho Forum manifesto more carefully, three of the most important commandments (#9, 10 and 11 ) state the following:
My following blog entry was going to talk about exactly that which you bring up above, but I want people to get over the concept that the network is their salvation...it isn't.
No need to apologize, Mike, I know what you meant ;)
/Hoff