September 11, 2006 - #113
Good Morning:
I was in Logan Airport on 9/11/2001 about the same time as the bad guys, flying into Boston for my weekly trip to SHYM HQ. Like many of you, I'll never forget my experiences that day. But today I'm pissed off that 5 years later we have let the terrorists impact our daily lives (have you flown lately?) and they've co-opted one of our days. Co-opted? How many of you would choose to have a child born on 9/11? Not many. My wife and I prayed that the twins would stay put until 9/12. Thankfully they did. 9/11 is this generation's "Day of Infamy [1]" and that's too bad. But it is what it is.
Let's turn this into a positive and celebrate the lives of those lost that day. I can only hope that it's not only this day that we remember. The folks that died that day deserve better. Douglas Schweitzer says he remembers every day (here [2]). I can't say the same, but I remember a lot. Those that forget history are doomed to repeat it.
Has anything really changed in the past 5 years relative to cyber-security? Unfortunately not much (here [2] and here [2]). Security is much more top of mind, but if anything we've taken a significant step backwards because hacking is now a big business with much more at stake. It was mostly fun and games back in 2001. Now it's all business. Even to the point where some folks are questioning whether to even track worms anymore (here [2]).
And to continue piling on vendor sales guys, check out today's Dilbert (here [3]). I've seen that movie before. If you've been in technology for more than a month, you have too.
Have a great day and if you lost friends and/or family 5 years ago - my thoughts and prayers are with you today.
Technorati: Information Security [4]
Top Security News
McKeay [5] just threw up and we need to find the middle ground. The real question is whether we are better prepared to deal with a disaster like this again? I can't speak for governmental bodies because I don't really spend much time there, but by and large I think corporations are far better prepared. Backup and disaster recovery processes are much cleaner and tighter (though they could always be better) and we are starting to see technology being used to aid first responders. No, it's not there yet, but I think 5 years from now we'll be in a much better position as more private entities bring capabilities to the table. Much like what we saw from folks like Wal-Mart and Home Depot during the aftermath of Katrina. They filled the gaps that the government couldn't handle themselves. Is that optimistic Mike making a cameo appearance?
http://www.informationweek.com/blog/main/archives/2006/09/post_911_five_y.html [6]
Link to this [6]
http://www.darkreading.com/document.asp?doc_id=103285 [7]
Link to this [7]
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9003087
[8]Link to this [8]
http://www.securitypronews.com/news/securitynews/spn-45-20060908ChaseDumps26MCustomersInLandfill.html [9]
Link to this [9]
http://yahoo.smartmoney.com/Techsmart/index.cfm?story=20060908&afl=yahoo [10]
Link to this [10]
Top Blog Postings
http://www.matasano.com/log/485/finger-79tcp-wysopalveracode-hp-pretexting-and-social-engineering/
[11]Link to this [11]
here [12]). Do I know how we get there? Of course not. But I do know that when you have systemic issues (HIV/AIDS) that constantly defeat the immune system, evade defenses, and kill people then you may not want to model your success scenario after that. I will admit that given the ability for the bad guys to evade our defenses and get our devices sick, the analogy does hold a bit today - BUT NOT IN A GOOD WAY.
http://rationalsecurity.typepad.com/blog/2006/09/the_immune_syst.html [13]
Link to this [13]
http://blogs.zdnet.com/threatchaos/?p=402
[14]Link to this [14]
http://www.stillsecureafteralltheseyears.com/ashimmy/2006/09/if_the_worm_die.html
[15]Link to this [15]