Published on Security Incite: Analysis on Information Security (http://securityincite.com)

The Daily Incite - January 16, 2007

By Mike Rothman
Created 2007-01-16 10:36
Today's Daily Incite

January 16, 2007 - Volume 2, #8

Good Morning:
Gosh, after a long weekend I kind of have a little analysis/paralysis about what to write about. I could talk about how all 3 of the kids are sick (none with the same stuff), so the winter of kids' discontent continues. Though the pediatrician is probably psyched. We make lots of visits. Or I could talk about how much I like to see live comedy. We saw Darren Carter [1] on Saturday night. Very funny guy. I got a headache from laughing so much. I know, it's retarded - but nothing a few Advil don't take care of. Or I could talk about 24, which was great and then not so great and then great again - all in the space of two nights. But lots of folks do that.

What I should talk about is the reason many of us were off yesterday, to celebrate the life of Dr. Martin Luther King, Jr. The "I have a dream" speech was a transformational moment in my childhood. Of course, I wasn't alive for the original, but when I was finally old enough to comprehend the depth and meaning of his words, it really put a lot of my culture in perspective, as well as gave me tremendous empathy for the folks that continue to struggle against discrimination in today's world. So some folks just considered yesterday a day off, but we really can never lose sight of the bravery and substance of all the men and women that fight against injustice.

Back to lighter topics, like how screwed up our security is. But evidently not as screwed up as the storage software market, since Symantec pre-announced an earnings miss for Q4 (here [1]). They blamed the data center business and also an ERP implementation run amok, which drove up costs. It'll be interesting to see which public security companies can maintain the Q3 momentum, and which drove into a ditch over the holidays. Too much egg nog may have been the culprit. In blog land, Kurt rants a bit about wipe and reinstall (here [1]). Regardless of your approach to fix a compromised machine, make sure you pay attention to what happened and ensure it won't happen again.

On Friday, I also got a chance to finally post my analysis of the Cisco/IronPort deal. You can check that out here [1].

Have a great day.


Top Security News

http://biz.yahoo.com/iw/070116/0203484.html [6]

http://www.realtime-websecurity.com/articles_and_analysis/2007/01/are_phishing_kits_the_latest_t.html [7]

http://www.cybercrimelaw.org/blog/336/10+Questions+To+Ask+During+An+Information+Security+Interview.html [8]

http://www.darkreading.com/document.asp?doc_id=114409 [9]

Top Blog Postings

http://chuvakin.blogspot.com/2007/01/my-security-predictions-for-2007-go.html [10]

here [11]) about the idiocy of a 3Com guy's perspective that security can (and should) be implemented inline (bump in the wire). Hoff must respond and defend the honor of hardware engineers everywhere. Break it up jokers. You are both right. In many cases, out of band is a good first step and then over time (as networks get rearchitected) you add capabilities in-line and then eventually in the fabric. Virtualizing and putting things on blades, blah blah blah. Fundamentally, you are either seeing traffic because it goes through your box or because you are pulling traffic off a span port or a tap. PERIOD. There are times and places for both. Virtualization hasn't changed the fundamental laws of network architecture. And if what Alan is really asking is whether there is a need for an ASIC-based security device on the edge of the network, the question is irrelevant. Customers want to be protected and they want it to keep pace with the speed of their networks. If you can do that in software, bully for you. If you choose to spin ASICs, that's great. But don't forget that these technical nuances are usually lost on the customer.
http://rationalsecurity.typepad.com/blog/2007/01/upchuck_shrubbe.html [12]

http://riskmanagementinsight.com/riskanalysis/?p=76 [13]

http://anti-virus-rants.blogspot.com/2007/01/why-wipe-and-reinstall-is-wrong-headed.html [14]

Source URL:
http://securityincite.com/blog/mike-rothman/the-daily-incite-january-16-2007