February 9, 2007 - #6

Mike's Pep Talk:

"Baby, you make me wish I had three hands."
- Benny in Total Recall [1]

Being at RSA this week and roaming the show floor a bit made me think of that great scene in Total Recall, where Doug Quaid (our hero Arnold) goes into a "bar" on the Mars outpost looking for Melina. That bar, with the dancing girls, drinking and everyone trying to sell something definitely resembled the RSA show floor.

If you had a couple of bucks, it seemed you could buy pretty much anything you wanted. And with all that hot air in one room, I'm just glad it wasn't Mars so I could go outside and get a breath of fresh air and get the stench of all that horse-puckey being spewed on the floor out of my nose.

Which goes to the topic of this week's pep talk - don't believe everything you hear. For those of you familiar with my research at Security Incite - you know I'm pretty cynical about pretty much everything. I'll admit I was born cynical and sarcastic, but being in the security and networking business for the past 15 years hasn't really helped soften my edge.

That was very apparent on the show floor, where vendors were resorting to all sorts of tricks (including of all horrors, booth babes) to gain the attention of potential buyers. And once they have your attention, their objective is to keep it. And sometimes they make claims on the show floor that don't necessarily hold up in the lab. Empty claims don't help you to do your job any better.

Maybe this advice comes in a day late and a dollar short, given the show is over. But I suspect many of you will go to another trade show or two at some point. As you are interacting with vendor personnel, cast a wary eye on what they are saying. Make sure you describe your situation and make sure they understand how they would help you. When you get back to your home base, the ones that stacked up best deserve a deeper look.

It was great to see so many of you Pragmatic CSOs at RSA this week. Thanks for the feedback, both positive and negative. I really appreciate you reading and participating. It makes my research better and my job more fulfilling. Still don't have a copy yet? Head on over to The Pragmatic CSO [2] website and pull the trigger. If you don't plan to, let me know why? You know where to find me.

In this week's issue:

• This week's P-CSO Tip: Managing up [2]
• Mailbag: The confidentiality question [2]
  
• Mailbag: How to get more detail [2]

here [2].

Being at a show like RSA reminds me how long I've been in this space. I ran into many people I've known for over 10 years, in a business where one year is a lifetime. Of course, security was quite a bit different back in the early 90's (before there was even an RSA conference), but I've been either doing, researching, or marketing/selling security for about 15 years. Now that's scary. 

To be clear, that an about $4 will be me a cup of coffee. But hopefully it's a bit of an answer for someone trying to understand my credentials to write the Pragmatic CSO. 

[3]   [4]

 

---