The Daily Incite - November 29, 2007
November 29, 2007 - Volume 2, #158
Good Morning:
I keep getting reminded almost every day that this new media thing is
disrupting all sorts of existing business. Probably none more than the
traditional technology print media. It's not like the Big Tech Media
folks (CMP, IDG, CNET) are starving, but they are certainly not partying
like it's 1999 either. Business changes and it needs to evolve.
I'll also lay a little more context in the fact that I'm an information
junkie. I have over 400 feeds in my RSS reader. I also get 40-50
different newsletters of some sort every day. No, I don't read every
word, but I skim and then dive down into the things that are
interesting. I like to get newsletters from the likes of NetworkWorld,
TechTarget, and eWeek. Not because I read everything they send to me
(and they send a lot to me), but every so often there is something of
value.
The key word there is SKIM. To keep up with the volume of crap that
comes at me, I need to be quick about getting through the morass and I
can only afford to handle a message once. So now that NetworkWorld is
only putting a frickin' single paragraph of their newsletters in the
email and forcing me to actually navigate to their web site to read
the article, it really impacts my ability to utilize their content.
In practice, unless that first paragraph is really compelling, I'm
sending the newsletter into the circular bin. If my job wasn't to wade
through all this information (most of it crappy) so you don't have to,
I'd just ditch all their newsletters altogether. They've made it hard
to consume their content. I suspect many people will opt out, which
could potentially kill their cash cow of selling advertising in the
newsletter.
Listen, I understand the need to try new models and to see which one
will yield the most from a revenue standpoint. But that doesn't mean I
need to like it.
Before I go, I want to wish my Mom a very Happy Birthday. She's
having a big milestone B-Day today and we are all ecstatic that now you
are taking time to enjoy the spoils of all those years of hard work.
Have a great weekend. I'll see you in December!
Technorati: Information Security, CSO, Security Mike, Internet Security
The Pragmatic CSO: Available Now! Read the Intro and Get "5 Tips to be a Better CSO" www.pragmaticcso.com
Get Your Special Report: 6 Easy Steps to Protect Your Identity and get access to Security Mike's Portal today www.securitymike.com
Top Security News
Moving the deck chairs on the Titanic
So what? -
I seem to have missed this coverage of the new cybercrime bill that passed through
the US Senate a couple of weeks ago (H/T to Steve Gold for pointing it out).
It allegedly addresses a number of the loopholes within the previous
legislation, now allowing victims (not just companies or the
government) to go after the bad guys without requiring a civil
proceeding. It also lowers the bar on defining computer fraud subject
to prosecution under the federal statutes. In concept, I'm all for
tightening up the laws based on what we've learned over the past few
years of actually trying to go after these criminals. We've also seen
some fairly high profile prosecutions of bot masters and the like,
which is also good. Yet, there are a couple of things that also need to
happen in order to really take a bite out of cyber-crime. First, we
need better extradition arrangements with many of the countries where a
lot of the malicious activity happens. Yes, in some of the Eastern
European countries and South America and maybe even China. A guy
running a botnet from Seattle is taking some big risks. The same guy in
Estonia? Not so much... Secondly, we have to continue focusing on
training the consumer base about what to do and what NOT to do online.
Until we impact the revenue side of the equation, and make cybercrime
less lucrative, it'll be the same old same old.
Rolling on some patch management juju
So what? -
Looks like automated patch management will be the next
subject of Network Computing's Rolling Review process. I've
already vented a bunch of times about how annoying a rolling review is,
so I won't go there yet again. I'm also a bit surprised at the choice
of topic. This feels kind of like having a rolling review of AV or a
firewall. Patch Management is a pretty mature space now. Of course, you
have some vendors that are trying to transcend "patching" in favor of
the broader "configuration management" discipline - which is where the
business really needs to go. So maybe I'm just a bit surprised at
dusting off the old Patch Management term. I think the biggest problem
they are going to have with this review is actually getting an
apples-to-apples comparison. How do you compare HP Opsware with WSUS?
It's like comparing a Howitzer to a .38. But ultimately for large
organizations, getting a handle on configurations and patching is
critical (for small organizations too, but the pain is not as acute),
so the results of the review should be interesting.
Did they sue Spamalot too?
So what? -
Everyone can now rejoice, since Spam Arrest has won the right to keep their
trademark prevailing over the real purveyors of SPAM (as in the fake
meat) - Hormel. There is bedlam in the streets of Seattle
now, rivaling the parties when the Sonics won the NBA Championship in
1979 (long live Jack Sikma!). Having been involved in useless trademark
litigation (and it was my company that was the plaintiff), it's all
about proving damages. I guess the folks at Hormel couldn't prove that
having SPAM ARREST on the loose hurt their ability to slowly, but
surely poison a large portion of the world that partakes in canned
lunch meat. Congrats to the Spam Arrest folks for standing their ground;
many of the other folks sued by Hormel settled. Although on a strictly
economic basis, it was probably cheaper to settle than fight. Let's
have a final cheer for the lawyers, who win regardless of the outcome.
Long live the billable hour.
The Laundry List
- I did a post on the Rants blog this week about the Fake Steve Jobs site being allegedly hacked. I speculate on what the attack may have looked like. And where else can you read "SquirrelBoy found with nuts in his mouth?". - Security Incite blog
Top Blog Postings
Evangelists won't get you off the hook
LonerVamp expands a bit in this post on Dan Morrill's original "Top ten information
security issues to tackle now" piece. I need to drum on the
vamp a bit relative to the first point he makes. I'm all for having an
"evangelist" to play liaison between the security team and the
business. In fact, that is really the CISO's job. But to say that
everyone in the organization doesn't have to understand the
fundamentals of their business is just wrong. Having someone to
translate grungy technical speak does not let security professionals
off the hook for understanding how your employer keeps the lights on.
Even a lowly firewall administrator needs to understand the business
process that underlies the traffic flows that the firewall is supposed
to protect, or how else can they do their job? The examples he uses (the
accountant making the sales pitch and the sales guy fixing their own
PCs) are contrived. At the end of the paragraph he softens a bit
relative to business savvy, but if anything that confuses his point.
Maybe I am misconstruing what LonerVamp is trying to say. So what is it,
Mr. Vamp? Do security folks need to improve their business savvy or
not? I think everyone knows where I stand on the issue.
http://www.terminal23.net/2007/11/morrills_top_ten_things_in_inf.html
Too much stuffing for Ogren
I guess the tryptophan impacted EO's synapses a bit. On his
ComputerWorld blog, Ogren comes down on a bunch of the big vendors
because they are basically big vendors. No kidding. What I'm missing is
how 3Com had a chance to challenge the network status quo? The
networking game was over back in 1998. Ever heard of a little company
called Cisco? TippingPoint saw the 3Com deal for what it was - a way to
legally rob 3Com's shareholders to the tune of $400 million. And RSA
taking a head shot for not executing on their "bluster"? Well, if they
did execute, then the security business would be gone already, since
that's what Coviello the Great was preening about in February. I also
question the logic of Eric's libertarian position taking Symantec to
task for a layoff at the same time they are buying Vontu. Amazingly
enough, it's actually possible to rationalize the expense side of the
equation (and don't tell me Symantec isn't bloated after all those big
deals), while acquiring growth in adjacent markets. Maybe it's not
equitable that some of the Vontu folks are shopping for Ferraris and
Big Yellow casualties are in the soup line, but that's how free markets
work. Listen, I'll be the first to acknowledge that all of the big
security vendors screw things up all the time, since I'm usually one of
the few calling them out. But my friend EO is a bit off base on this
one.
http://blogs.computerworld.com/thanksgiving_gobblers
Recently on the Security Incite's Blogs
Find out what Security Mike is talking about
http://sm-blog.securitymike.com
Check out the latest on the Security Incite blog
http://blog.securityincite.com/
Read the most recent Daily Incite
http://securityincite.com/security-incite-rants/daily-incite
I tend to take a more hard stance against people who think admins (people like me) need to play the game of business politics and speak in the business world like a successful businessman. If I did that, I may as well not be an admin!
No, I agree with you, everyone needs to know the business (I guess unless you're a contractor?) to some degree. I just don't agree that the techies need business "chops" in such a way that they can hang with the business side and execs. Yes, I should know the key corporate measures, but no, I don't really need to be the one that wines, dines, and plays golf with the CFO in order to make a budget case and be a name in the company. Yes, someone has to do it, and it usually is a liaison, CISO, CSO, or series of managers.
It's just as you get down the ranks, the amount of business savvy dilutes, and I'm still pretty far down that ranking! :)
I think our difference is simply what we both mean when it comes to defining "business knowledge." I think your definition is more high level and general whereas I look at it as having a solid, non-handicapped business acumen and skillset. In the end, I think we don't disagree much, if at all.
I posted a reply, but it was late yesterday and I think I may have not properly submitted it, doh!
I think you and I are just defining the "business knowledge" part differently.
Yes, I should know the key corporate measures and what the business does (unless I'm a short term contractor, I guess) and even some of the reasons for the open traffic across my firewall. I should be aware of how my job and duties contribute to allowing other people in the business to get their jobs done.
But I often hear people say techies need business knowledge in the sense that we'll go play golf and properly dine with execs so that we get our name known, and such nonsense. Basically calling business knowledge the typical politicking game that occurs.
I think there's a lot of overlap in many articles on this subject that take both of the above definitions and never truly separate them. I think I did that myself! :)
By the way, Mike, if you ever want to dig on me, you just go right ahead, I don't mind at all, even when I'm wrong! :) In fact, kind of like security improves only when insecurity is present, I believe security people should likewise be very open to criticism and challenges.