logo
Published on Security Incite: Analysis on Information Security (http://securityincite.com)

The Daily Incite - December 21, 2006

By Mike Rothman
Created 2006-12-21 10:01
Today's Daily Incite

December 21, 2006 - #176

Good Morning:
I just realized that this is the last TDI of 2006. Wow! I'm taking a break tomorrow on what I expect will be a very slow news day. Next week I'm going to revisit the 2006 Incites, do a final assessment, and close the book on 2006. So we'll end up with 176 editions of The Daily Incite in its inaugural year. I have a lot to be grateful for this year, and it starts with my family, but my readers are close behind.

For me, I've been strangely quiet about Time Magazine anointing "You" the 2006 Person of the Year. It makes me want to say "F*** U" to Time. Seriously. I feel that was a cop-out. I don't see what the big deal is. Since the early days of the Internet, communities have been forming and users have been contributing content. Sure RSS, blogs and things like MySpace and YouTube have made contributing easier and within reach of pretty much everyone. But, to me, this is more about passing the tipping point of broadband adoption, which makes something like YouTube possible, not some miraculous sea change where users are now contributing. But that's one man's opinion.

There were a few deals yesterday in security-land. I mentioned the CHKP/NFR deal yesterday (here [0]) and Matasano Thomas weighs in here [0]. Let's just say, he's not a fan of the deal. Websense finally did something and bought PortAuthority (here [0]). Good for them. Even if they are wrong or bungle the integration, at least they are doing something. It's much worse to be the walking dead. If you are going to fly into the mountain, at least try to pull up on the stick.

I also rant a bit about the "checklist" mentality that permeates the security business (here [0]). I really do wish security was as easy as following a checklist and pumping that data into an ISMS (information security management system). But it's not. That approach severely underestimates the skills of your adversary. Do that at your own risk.

Enjoy the holiday season and be safe. TDI will resume on January 2. But you'll hear from me before then, I promise.

Technorati: Information Security [1]

The Pragmatic CSO [2]
Coming January 2, 2007		 Webcast promo [2]

Top Security News

http://www.securityfocus.com/columnists/426/2 [3]
Link to this [3]

http://www.scmagazine.com/us/newsletter/dailyupdate/article/20061218/610005/ [4]
Link to this [4]

http://www.noticebored.com/blog/2006/12/audit-checklist-for-information.html [5]
Link to this [5]

http://www.eweek.com/article2/0,1895,2073528,00.asp [6]
Link to this [6]

http://blogs.cio.com/node/228 [7]
Link to this [7]

Top Blog Postings

http://securosis.com/2006/12/19/security-often-has-little-to-do-with-safety/ [8]
Link to this [8]

http://1raindrop.typepad.com/1_raindrop/2006/12/php_security_re.html
 [9]Link to this [9]

http://www.matasano.com/log/651/checkpoint-buys-their-way-into-last-place/
 [10]Link to this [10]

http://securityblog.itproportal.com/?p=635
 [11]Link to this [11]

http://securityincite.com/TDI-2006-12-20 [11]

Source URL:
http://securityincite.com/blog/mike-rothman/the-daily-incite-december-21-2006

Links:
[1] http://technorati.com/tag/information%20security
[2] http://www.pragmaticcso.com
[3] http://www.securityfocus.com/columnists/426/2
[4] http://www.scmagazine.com/us/newsletter/dailyupdate/article/20061218/610005/
[5] http://www.noticebored.com/blog/2006/12/audit-checklist-for-information.html
[6] http://www.eweek.com/article2/0,1895,2073528,00.asp
[7] http://blogs.cio.com/node/228
[8] http://securosis.com/2006/12/19/security-often-has-little-to-do-with-safety/
[9] http://1raindrop.typepad.com/1_raindrop/2006/12/php_security_re.html
[10] http://www.matasano.com/log/651/checkpoint-buys-their-way-into-last-place/
[11] http://securityblog.itproportal.com/?p=635