The Daily Incite - 11/12/08 - Reality Check

Submitted by Mike Rothman on Wed, 2008-11-12 11:28.
Today's Daily Incite

November 12, 2008 - Volume 3, #88

Good Morning:
It's time for a reality check. The US (and, it seems, much of the global economy) is clearly in a recession and perhaps something worse. That means companies are going to be streamlining their functions, wringing costs out, and realigning how they do things. Smart companies invest in taking market share during downturns, but they also make sure that existing operations are running optimally. Not-so-smart companies just cut, seemingly indiscriminately. Knock knock. This is reality calling...

So what does that have to do with you? Basically you are at risk. That's right, we all are. In this kind of environment, you CANNOT make assumptions about whether your organization shares your opinion about your value. So it's time to revisit how you quantify your value to the organization and what kind of accomplishments you've achieved this past year.

It's almost salary review and bonus time (if you work on a calendar year), so it's not a bad time to go through the process now anyway. Basically, this is Career Management 101. If you expect your boss (or your boss's boss) to be watching your back, you may be sorely disappointed. You see, most people spend most of their time watching their own back.

It's just human nature.

Which brings up the complexity of actually showing value in a security role. It's really hard to quantify, and most of the senior team doesn't care. Until an incident happens, and then they care a lot. That's why I am always harping on a strong security program, with success criteria, milestones, and the requisite relationship building at the senior level. If you are invisible, you just become a name in a spreadsheet full of names that are shown the door. If you are part of the team, it's not as easy to make that call.

So be a little proactive this week and start the process of tooting your own horn, working your contacts, and making sure the senior folks feel the love. Better that than trying to find another gig.

Have a great day.


Photo: "Reality Check" originally uploaded by aldrea


Incite 4U

Wow, a lot of stuff piles up when you don't hit your reader for 4-5 days. After wading through a pile of crap, I've got a lot to talk about. It'll take me a few Incites to get through everything.

  1. Yes, it can happen to you. Looks like neither the Obama nor the McCain campaign was reacting quickly, since the FBI had to tell them they'd been owned by some foreign government (allegedly, of course). But it highlights the fact that if someone wants to get into your stuff, they are going to. Period. So you need to be able to detect funky activity (like important policy documents being moved to outside services) and investigate quickly. I can tell you that it's unlikely the FBI will proactively alert you, like they did the campaigns.
  2. Looks like a new new thing is strong authentication for SaaS offerings. I've seen a few start-ups targeting that space (TriCipher and Symplified), but the big dogs are coming home. VASCO announces an initiative to extend their authentication infrastructure to the cloud. It seems more like fluff and strategic intent, but it's clear none of these folks that make a lot of money milking tokens are going to give up their cash cow easily.
  3. I'm with Imperva's Sharon on his point that you should test your applications after every change. Besides the fact that the PCI powers believe it's the right thing to do, it actually is. Software is pretty complicated and changing it usually results in a bunch of regression problems that can create vulnerabilities. Actually, you don't have to test after you make an application change. You can wait for the bad guys to let you know you've made a mistake. And they will.
  4. Regardless of what Stiennon thinks, "consolidation" continues unabated in the security space. Now it's Marshal and 8e6 joining together in a "merger of equals." Equals of what is the question, but strategically it does make sense, since email and web filtering are coming together as this "content" security layer leveraging common services such as reputation.
  5. Hopefully you all have added the eIQviews blog feed to your reader, so you can get more Rothman all the time. Our compliance evangelist, John Linkous, has been doing a series on Security Information and Event Management (SIEM) over the past week and will finish it up with two more posts. The first two (Part 1 and Part 2) deal with defining SIEM and pinpointing some of the issues. Which, miraculously enough, eIQ solves. :-) How 'bout that marketing puke!
  6. Is SRP good enough? eWeek takes a look at Microsoft's Software Restriction Policies, which is a simple form of whitelisting. I've been pretty vocal about the importance of whitelisting moving forward, and it's good to see Microsoft pushing forward on this. As a feature, of course, which means the independent vendors doing this need to continue pushing on additional value, and then hope that Big AV realizes they need this to get a deal done.
  7. Is a content pirate getting you down? I tend to just disregard when some unscrupulous folks syndicate my feed and sell advertising around it. But if you are a bit more vindictive than I (though I have my moments), you can take an approach like Ian Lurie, who maps out a path (which anyone can do) to make it pretty unsavory for someone to steal your stuff.
  8. The more things change... Secure Computing recently did their Q3 threats report and as much as many voted for change - it's still more of the same. Though political attacks predominated, we still have to pay attention to email security. Or run the risk of repeating history. 
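Item 1 says you need to detect documents moving to outside services and investigate quickly. Here is the kind of check that makes that concrete, as an added example that is not code from the original post or from any product mentioned in it. Everything in it is an assumption for illustration: the proxy log layout (timestamp, client, method, URL, bytes, content type), the internal-domain allowlist, the content types, the byte thresholds and the sample log lines, which are constructed rather than real traffic.

```python
"""Detection example added for item 1 above (not code from the original post):
scan web-proxy logs for documents moving to outside services.

Everything here is an assumption for the example: the log format, the
internal-domain allowlist, the content types and the byte thresholds.
"""
import re
from collections import defaultdict
from dataclasses import dataclass, field
from urllib.parse import urlparse

# Assumed: corporate domains whose uploads are not interesting.
INTERNAL_SUFFIXES = (".example-corp.internal",)
UPLOAD_METHODS = {"POST", "PUT"}
DOCUMENT_TYPES = {
    "application/pdf",
    "application/msword",
    "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
}
SENSITIVE_NAME = re.compile(r"policy|confidential|strategy", re.IGNORECASE)
SINGLE_UPLOAD_BYTES = 2 * 1024 * 1024   # one upload this big is worth a look
CUMULATIVE_BYTES = 4 * 1024 * 1024      # ...and so are many small ones adding up

# Assumed log layout: timestamp client method url bytes content-type
LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\d+) (\S+)$")


@dataclass
class Alert:
    client: str
    host: str
    bytes: int
    reasons: list = field(default_factory=list)


def is_external(host: str) -> bool:
    return not any(host.endswith(suffix) for suffix in INTERNAL_SUFFIXES)


def find_exfil(log_text: str) -> list:
    """Return one Alert per suspicious upload, plus one per client/host pair
    whose individually unremarkable uploads add up past the cumulative limit."""
    alerts = []
    low_and_slow = defaultdict(int)
    already_fired = set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                        # malformed line: skip, don't crash
        _ts, client, method, url, size, ctype = m.groups()
        if method not in UPLOAD_METHODS:
            continue
        parsed = urlparse(url)
        host = parsed.hostname or ""
        if not is_external(host):
            continue
        size = int(size)
        filename = parsed.path.rsplit("/", 1)[-1]
        reasons = []
        if SENSITIVE_NAME.search(filename):
            reasons.append(f"sensitive filename: {filename}")
        if ctype in DOCUMENT_TYPES and size >= SINGLE_UPLOAD_BYTES:
            reasons.append(f"large document upload ({size} bytes)")
        if reasons:
            alerts.append(Alert(client, host, size, reasons))
            continue
        # Nothing individually alarming: accumulate per client/destination so
        # a document trickled out in pieces still surfaces.
        if ctype in DOCUMENT_TYPES:
            key = (client, host)
            low_and_slow[key] += size
            if low_and_slow[key] >= CUMULATIVE_BYTES and key not in already_fired:
                already_fired.add(key)
                alerts.append(Alert(client, host, low_and_slow[key],
                                    ["cumulative document uploads over threshold"]))
    return alerts


# Constructed sample log, not real traffic.
SAMPLE_LOG = """\
2008-11-10T09:12:01Z 10.1.4.22 POST https://mail.example-corp.internal/upload 2048 text/plain
2008-11-10T09:14:33Z 10.1.4.22 PUT https://files.outside-share.example/api/put/policy_draft_v7.docx 4194304 application/vnd.openxmlformats-officedocument.wordprocessingml.document
2008-11-10T09:15:02Z 10.1.4.22 GET https://www.news.example/front 15230 text/html
2008-11-10T09:20:45Z 10.1.7.9 POST https://webmail.outside-mail.example/attach 1048576 application/pdf
2008-11-10T09:22:10Z 10.1.7.9 POST https://webmail.outside-mail.example/attach 1572864 application/pdf
2008-11-10T09:31:58Z 10.1.7.9 POST https://webmail.outside-mail.example/attach 1572864 application/pdf
2008-11-10T09:40:00Z 10.1.4.22 POST https://mail.example-corp.internal/upload 1048576 application/pdf
"""

if __name__ == "__main__":
    for a in find_exfil(SAMPLE_LOG):
        print(f"{a.client} -> {a.host}: {a.bytes} bytes; " + "; ".join(a.reasons))
```

On the sample log this raises two alerts: the single 4 MiB upload of a file named like a policy document to an outside file-sharing host, and the three webmail attachments from the second client that are each under the single-upload limit but together cross the cumulative one. The point of the second rule is the one item 1 is really making: you will not get a tidy "document exfiltrated" event, so the detection has to look at the pattern over time, and every alert it produces still needs a human to investigate quickly.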
