July 26, 2006

Good Morning:
The word of the day is Symantec. Besides their earnings report at market close, they were all over the news yesterday. Between the Merrill downgrade (mentioned in one of my blog posts), the consumer deal with Yahoo (here), and them taking another swipe at Microsoft Vista (here), they were just in my head yesterday. Yellow fever I guess. I'll also point to a vendor cat fight between CA and F-Secure (here) and a deal to finally take WatchGuard private (here). That sounds like a fun place to be, I'm sure the private equity buyer will be patient as they try to figure out that SMBs are buying UTM - just not theirs.

In the great non-security post of the day, check out this one from Tom Peters. Yes, that Tom Peters. The idea of "beware of laughter" is so true it hurts. I'm not that funny, but I've had folks that worked for me over the years that thought I was as funny as the Diceman. I'm not and kissing my backside didn't have much effect for those folks (which they figured out after about a minute), so it all works out - but this is great advice.

Have a great day.

Top Security News

Deal: WatchGuard sells for a song and a dance
So what?- Actually, for a bit more than a song and a dance (about 2x sales) WatchGuard is being taken private by Francisco Partners. Note this is for $4.25 per share and there was another bid by Vector Partners what was evidently withdrawn for $4.65 (reduced from over $5). So basically WatchGuard had a hard time giving themselves away, which is not surprising given they've been flat in a rapidly growing market for UTM in the SMB space. Not sure what Francisco's plan is to unlock value, besides slash and burn - but that doesn't work in growing markets. They need to figure out a way to re-energize with some technical innovation. Good luck with that.
http://www.watchguard.com/press/releases/wg365.asp
Technorati tags: WatchGuard, M&A, SMB, UTM
Link to this

Worst reference account award goes to Cisco
So what?- For those of us having done security marketing, you know how hard it is to get customers to speak publicly about what they are doing. But having a large technology company be a reference is kind of insulting, no? Now we'll probably hear all about how Cisco is using Solaris and SunFire's and the like. Ye old tit for tat. Aside from the issues I have with using big high tech references, the story is kind of interesting. It's about Sun's use of the Cisco NAC appliance and keep in mind they don't have much Windows running there (or Macs either, for that matter), so seeing that alternative OS's are supported is an interesting tidbit.
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1195792,00.html
Technorati tags: Cisco, NAC, security marketing
Link to this

If you can't beat them, call them more names
So what? - Symantec is finding more holes in a pretty old beta of Vista. This time they found problems with User Account Control, which has been largely overhauled due to user pushback. Microsoft is taking the high road on this one, and they should. It's not clear to me what Symantec is trying to accomplish besides to make themselves feel smart. I guess the folks testing Vista would be potentially at risk, but still - what's the point? I guess they have one more report due out at the end of this week, but I'm not sure this is swaying anyone either away from Vista or towards Symantec.
http://news.com.com/Symantec+continues+Vista+bug+hunt/2100-1002_3-6097976.html
Technorati tags: Symantec, Microsoft, Vista
Link to this

If you can't beat them, find new channels
So what? - Symantec's reaction to Microsoft's OneCare and McAfee's hammerlock on most of the large ISPs was announced yesterday. They are offering Norton through Yahoo!, for a whopping $20 off the retail price making it comparable to OneCare. And they have decreased the testing period to 30 days. Will this make a difference, especially since many of the ISPs include desktop security with the pipe and customers seem pretty happy with that? Probably not, but maybe I'm missing something. So now Symantec has both Google and Yahoo!, big whoop!
http://biz.yahoo.com/bw/060725/20060725005259.html?.v=1
Technorati tags: Symantec, Yahoo, AV
Link to this

Apere wins the buzzword award
So what? - A new company announced on Monday called Apere. These folks provide an "identity appliance" that does access control on the network. Right, NAC. Talk about trying to jump on the buzzword bandwagon. Throw SMB in there for good measure, since they are targeting the mid-market with a box that starts at $15K. I actually talked to them and it's kind of interesting because they focus on post-admission control and integrate with the identity stores of applications like SAP and PeopleSoft. Of course, they now need to prove that it works, but many of the existing ideas for post-admission enforcement have been clunky at best. This is an interesting idea, which means we'll probably see another 5-10 vendors saying the same thing within a month or so.
http://apere.com/press_release.php
Technorati tags: Apere, identity management, NAC
Link to this

Top Blog Postings

Vendor cat fight
Ed Moyle is doing a great job of drawing attention to vendor idiocy. It seems F-Secure gets the Chicken Little award of trying to make us all fearful of theoretical mobile malware attacks. Interestingly enough, it was CA that called them out. Good for CA. Of course, the fact that they don't have a mobile malware offering notwithstanding, it's always good to see vendors throwing haymakers at each other. Ed's point is well taken, which is we need to consider vendor research for what it is - another marketing tool to try to sell more stuff.
http://www.securitycurve.com/blog/archives/000423.html
Technorati tags: security marketing, mobile malware, CA, F-Secure
Link to this

Martin isn't interested in the IDSP
Martin McKeay is definitely one of the most vocal folks in the space about privacy issues. He is passionate about his privacy and makes no bones about it. So it's not surprising that he's no fan of the idea of commercial ID service providers to issue "card" to US residents. I can understand where he's coming from, but I don't have the same hang-ups. I believe as well that IDSP's will emerge over the next 3-4 years, but they will be voluntary. I don't see how the government can force citizens to get IDs from 3rd parties. But if I can collect my Social Security and medical benefits using my 3rd party ID, I'm cool with that. I'm also joking because I don't think there will be Social Security when I retire and I'm not so sure about Medicare either, but that's not the point. If there is a benefit to me, I'd accept a 3rd party because candidly, I don't think the government will be able to get it done.
http://www.computerworld.com/blogs/node/3067
Technorati tags: identity service provider
Link to this

Will Justice be served?
Steve Duplessie covers the storage markets, but his point in this column is very relevant to us security folk. There pretty much doesn't seem to be a public security company that isn't investigating some options hijinx from the days of yore. But when the enforcement actions start, the realization of outright greed nauseates me. Steve uses Greg Reyes as his muse, but you could just as easily use some security CEOs in his place. These are guys that are worth tens or hundreds of millions, trying to take care of themselves and other centi-millionaires. Steve's ire is legitimate and I can only hope that if these folks are guilty, then they should pay the price. I'm sure Club Fed is no fun, even if you have a couple hundred million waiting for you when you finish your "stay."
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyId=19&articleId=9001954Technorati tags:
Link to this

A risk-based authentication primer
I've used the term contextual authentication pretty frequently to mean forcing the user through the "right" number of hoops to adequately protect whatever it is they are doing. RSA calls this "risk-based" authentication and Uri Rivner does a good job of describing the process in this post. Of course, it's slanted towards the Cyota flavor of contextual authentication and he does manage to give some props to RSA's other authentication properties, Passmark and SecureID - but if you are looking to understand the concept behind the products, this is a good read.
http://www.rsasecurity.com/blog/entry.asp?id=1113
Technorati tags: consumer authentication, RSA, Cyota
Link to this

Recently on the Security Incite Rants Blog

Podcast Poll
I'm trying to figure out whether anyone would listen if I started doing podcasts. So I put a poll up on securityincite.com. Let me know what you think because I imagine it's pretty time consuming and if there is no interest, then I'm sure I can find something else to do with my time.
http://securityincite.com/blog/mike-rothman/podcast-poll

Inciting: Symantec strategy story and Merrill downgrade
I wanted to point out a story on TechTarget that dealt with Symantec's strategy and featured some comments from you-know-who's peanut gallery. I also go through some of the thinking that Merrill Lynch had when they downgraded Symantec yesterday morning. Not that this is a stock watching newsletter, but some of the fundamental issues they point out are right on the money.
http://securityincite.com/blog/mike-rothman/inciting-symantec-strategy-story-and-merrill-downgrade

Dark Reading's Top 10 IT Security Myths Demystified - Part 3
In the 2nd installment of my dismantling of Dark Reading's Top 10 IT Security myths, I take on Myth #3 - Vendors have your best interests in mind and Myth #4 - Separate Physical, Electronic Security. Actually this piece is good to stimulate some different and critical thinking. So thanks to them for that.
http://securityincite.com/blog/mike-rothman/dark-readings-top-10-it-security-myths-demystified-part-2

EAC Blog: The Hogwash of Security ROI
The folks at TechTarget were kind enough to allow me to repost the work I did on the Expert Answer Center to my own blog. In this post I rant about why security ROI is pretty meaningless. Not that folks don't want it or that you will not have to waste time trying to figure it out, but at the end of the day it doesn't matter.
http://securityincite.com/blog/mike-rothman/eac-blog-the-hogwash-of-security-roi

Black Hat anyone?
I will be out at Black Hat next week in Vegas and would like the opportunity to meet, chat and drink with readers if you will be there. Let me know.
http://securityincite.com/blog/mike-rothman/black-hat-anyone

Read yesterday's Daily Incite
http://securityincite.com/blog/mike-rothman/TDI-2006-07-25