The Daily Incite - 12/22/09 - Are we there Yeti?
December 22, 2009 - Volume 4, #41Good Morning:
Another of my holiday rituals is the annual pilgrimage up North to spend the winter break with my in-laws. This involves first packing up the family truckster, which includes the optional roof rack just to ensure we can fill the car to the gills with crap we don't need for a 10 day journey. But I gave up trying to get the Boss to pack the stuff we actually "need," so I just dutifully load up the car and get ready to go.
The drive takes between 10-11 hours depending on traffic. Most of my friends send their condolences a day or two ahead of the trip, knowing what it would be like to spend 11 hours in a car with their kids. But I have to give thanks to Moore's Law, which has enabled us modern conveniences like the portable DVD player and the car stereo with the AUX jack, so my kids can watch movies for 10 hours, while I drive.
Truth be told, the trip is a lot harder on the Boss than it is on me. She's actually got to deal with them for 10 hours. Between the elbowing (it's amazing how even in a 7 person van, the kids have to poke and prod each other for a majority of the trip), the constant hunger pangs, the "are we there yet?" questions and the arguments about who gets to pick the next movie, I'm just glad to be the designated driver.
After 6 years of making this drive, everyone knows my process already. I get pretty grumpy when packing the car, since I know we don't need half the stuff we are taking. I get even grumpier when we are trying to get out of the house, since it takes an hour to do the last 5% of stuff to finally get on the road. And about 2 hours in, I get into the zone. I've got my iPod cranking music, the kids have settled in, and I just drive.
This year the Boss got a lot smarter about movie selection. Part of her agony was having to watch the kids movies/shows for 10 hours. I mean, who wouldn't be homicidal after listening to 4 hours of the Wiggles, and have another 6 hours to go? But this year, she hit the bargain basement DVD bin and came back with gems like Groundhog Day and Back to the Future. Amazingly enough, the kids enjoyed those classics and my wife was reasonably sane.
But this trip was a bit different in that we were trying to beat a pretty severe winter storm. The original plan was to leave around noon, but we called an audible at the line and decided to take off around 9 AM, and a good thing we did. We were literally on the front end of the storm that dumped almost 2 feet of snow on the Mid-Atlantic region. There were times we got ahead of the storm and were able to motor, but during the next potty or gas stop, the weather seemed to catch up and drop snow on us. If we hadn't left early, we may still be on the road.
On the last gas stop as the snow was really starting to fall, I could
have sworn I saw the Yeti saunter in and buy a case of Bud. He was
about 8 feet tall, had white hair all over, and was wearing a Lynyrd
Skynyrd shirt. Who knew that the abominable snowman loved Southern
Rock? I asked if he needed a lift further North, but he politely said a
couple of feet of snow and a case of Bud was all he needed. Now that is
a guy that understands his definition of happiness.
The Pragmatic CSO:
Read the Intro and Get
"5 Tips to be a Better CSO"
me on Twitter:
I'm not sure where I'm going, but I'll get there in 140 characters - or less...
Incite 4 U
- All hail Czar
Howard - Just as many of the pundits didn't think there
would a US Cyber Czar appointed, it looks like Howard Schmidt will be under the White House
Xmas tree this year. And all I can do is shake my head a bit
and wish him good luck. Howard knows the folks that need to be
known both in industry and within the Beltway, but part of me just
figures this is moving more deck chairs around the Titanic. Will he be
empowered? What is his metric of success? Maybe the public announcement
will clarify these things, but most likely not. I suspect the best gift
you can get Howard is a Redskins helmet. He'll need it as he bangs his
head against the wall in DC for the next couple of years.
- Playing both
sides of the cyber-ball - Given that a new Cyber-Czar has
been named, it's interesting to check out John Pescatore's post here about playing
cyber-offense and defense, and his point that the guys that
play offense (hackers, et al) are not the right guys to be protecting
the flanks. He speaks the truth because any senior security position is
more political than technical now. It's about persuasion and
operations, not about IPS Kung Fu. To be clear, John makes the point
that the flow of information from the offensive minded is important (to
know what you are defending against), but the skill sets are different.
Yes, pragmatic fellow that Pescatore.
- FIRE burning
on the dance floor - It's always interesting to see how
other constituencies view security companies. This piece on Seeking Alpha about an investor's analysis
of SourceFire is interesting. The guy makes interesting
points about the seasonality of the business, and also has valuation
concerns (what's the issue with a 60x earnings multiple?). But
ultimately the stock right now is a mo-mo play. High valuation, but
good growth and the Street pays a premium for that. But it also means
that what the Street giveth, it will taketh away - at the first
indication of slowing growth.
- Who's that
router talking to? - A lot of us have spent years in the
trenches and take a lot of good security practice for granted, which is
always a dangerous thing. This piece by Joel Snyder on SearchSecurity is a good
reminder that we need to be well aware of who and what our edge devices
are doing. Joel's point here is to make sure outside access
on promiscuous protocols like SNMP is turned off, which is good advice.
It gets back to my opinion of Network Security 101. Lock down the
traffic that is allowed to enter (yes, default deny), make sure you
understand the traffic flows on your networks and look for what is
different. Given we are dealing with an infinite attack surface,
looking for anomalies is one of the only ways to keep pace.
- Amen to Risk
Adjectives - Great post and point by Gunnar
about the need to lose the generic "risk" term from our vernacular.
Without some means to describe what risk we are talking about (the
aforementioned adjective), the term is meaningless. And that's always
been my big problem with anything risk-centric. The term can mean
something different to everyone, and therefore it means nothing. So if
you hear the "R" word come out of your mouth, make sure it's qualified
so there is no uncertainty about what kind of risk you are talking
non-existent Security Strategy - Kudos to Jon Oltsik for
beating me to the punch in questioning what Cisco is doing in security
nowadays. My sentiments exactly. Since Jayshree Ullal left,
it seems there is no one driving Cisco's security strategy. The STBU is
really IronPort with new business cards. I mean, how old is the frackin
Self-Defending Network? Cisco is making announcements around the fringe
and not really evolving their strategy to deal with the evolution of
the attack surface. As Oltsik points out, Cisco is still moving a lot
of equipment, but that's because they are Cisco - not because the
products are reflecting the market reality. You don't think of Cisco as
a follower, but in security that's exactly what they've become.
- Facing your
own demons - Many of us know Bill Brenner of CSO. You've
probably spoken to him or at a minimum read his stuff at TechTarget or
his current gig. But you didn't really "know" Bill. I certainly didn't.
But through his new personal blog, The
OCD Diaries, I am getting to know Bill a lot better. I knew
he was funny and a bit quirky (who in security isn't?), but in reading
about his battles to address his mental health issues and deal with
loss, you gain a real appreciation for the man and for his courageous
journey. Not many have the stones to bare their soul in a public forum,
but those that do can teach all of us a lot. Keep up the good work
Bill, both on the blog and on yourself.