April 3, 2007 - Volume 2, #55
Good Morning:
Sacked. That is not a pleasant word, and it's even less pleasant when it happens to you. As reported by Ryan Naraine (here [1]), Ross Brown has been sacked by eEye. I spoke to Ross yesterday about content management systems. It wasn't a conversation you have with a dead man walking, and that saddens me. I have no idea what was really going on inside eEye. It may be the best thing for eEye and even for Ross in the long run. I'm not in a position to judge that.
I'm saddened because Ross was surprised. I've been there. It's painful. You give everything you have to a company, nights, weekends - you sacrifice time with your family, you make a difference, and then you are gone. No warning, hardly any thanks - just a conversation about a crappy package with some lawyer. Yes, I've been there. When someone gets canned and it's a surprise to them - the system is just not working. This problem manifests itself usually from a set of cowardly executives and board members that don't want to have a candid conversation with someone that isn't meeting expectations. Or they don't know what their expectations are and they figure if they change horses, everything will be fine. It rarely works out that way.
I've only surprised a team member of mine once. Part of it was him, in that he didn't see the signs. But a big part of it was me in that I couldn't get him to where he needed to be and I used him to try to save myself. It was a selfish move, it was wrong, and ultimately it didn't work. I got sacked anyway. Thankfully he believes in forgiveness and we are now friends.
The day after I left my last job (probably THE last job I'll have), I was incredibly happy. Just goes to show how miserable I had let my job situation become. But it was actually my family that grounded me and got me focused on what was important. When I got home that day, nothing was different. I was just Dad. I realized that they don't care what I do for work. They don't base their judgment of me as a person based on what some CEO thinks is a good job or not. It was then that I knew I had to take a different path.
I had no idea what that path was, but I've always had a lot of confidence in myself and I knew I would figure it out. I just needed to follow my passion and put myself in a situation where I could have fun again. That meant no full-time marketing gigs. No crazy CEOs. No turnarounds where I'm fixing a mess made by someone else. None of that.
I needed to be in control of my destiny. I wanted my success or failure to be based on my efforts. That's why I am doing Security Incite. That's why I wrote the Pragmatic CSO. That's why I'm launching the Security Education Network with Santa (here [1]). I know I can and will make a difference, but it will be on my terms.
Ross, I feel for you man. But change is good, change is necessary, and in time (and it won't be that much time) you will gain perspective on what happened. You will move on and you will find success. And you will be better for the experience. If you don't have bad times, you can't appreciate the good times.
Have a great day.
Technorati: Information Security [2], CSO [3]
The Pragmatic CSO is Here! Read the Intro and Get "5 Tips to be a Better CSO" www.pragmaticcso.com [5]
Top Security News
here [6]). There really is no place to run, no place to hide. Even a friggin' cursor is subject to attack now. Part of me wants to unplug everything and go back to paper and pencil. Not sure I want to even use my cell phone. But the other part of me wants to fight. Guess which one is going to win? It's always darkest before the dawn, and it's probably going to get a bit darker in the near term. I remember I stopped watching the local news (when I lived in DC) because it was all about murder, robbery and other mayhem. Sometimes it's best not to pay attention to what's going on out there, but to focus on what you need to do today. Obviously you can't be totally oblivious because you need to educate your users about specific attacks (like the friggin' cursor), but you also don't need to read about every data theft in great detail. It will make you crazy. The only way to rise to the challenge is to get things done. Pragmatic CSOs focus on what is in their control, and they get things done. We can unplug or we can fight. I choose to fight.
Link to this [6]
here [7]). It's basically an integrated network and security platform. From a disclosure standpoint, Alan and Mitchell (the most visible of the StillSecure guys) are friends and clients. I've known about Cobia for a long time. Actually a Cobia [8] is a pretty mean fish. My suggested tag line was "Cobia - one bad-ass fish." Maybe that's why I'm not in marketing anymore. Read the release or Alan's explanation (here [9]) about the functionality. I want to do a little preview of a piece I'm working on about open source in the security business. Security open source is a myth. Actually, it's more of a distribution strategy nowadays. Sometimes it's used to kick a competitor in the nuts. We really need to take a step back and come to some conclusions about what open source is and what it isn't. Matasano Thomas asks a number of great questions along these lines here [10]. Alan responds here [11]. My point is that the free love 60's era ended for a reason and maybe we are seeing the end of the free-love open source era. I'll have a lot more to say about this later this week.
Link to this [11]
here [12]), since a lot of SMBs get crushed by a DDoS. Yesterday they announced a web filtering service (here [13]). What they haven't announced is a security solution architecture that is believable and makes sense. AT&T is going to sell a lot of security stuff just due to their breadth and reach. But they won't be considered a real player until they communicate a cohesive story.
Link to this [13]
The Laundry List
Kaspersky tries to protect the open spaces. Kind of seems like an endpoint security offering to me. - here [14]
Where's the air marshal when you need him? Fortify announces a new attack vector called JavaScript Hijacking. - here [15]
ForeScout visits the Oracle to get more detailed identity information. - here [16]
IBM ISS takes IPS down market, and seems to have adopted the IBM arcane mainframe naming policies. Get your IBM ISS Proventia Network IPS GX3002! Say that 10 times fast. - here [17]
MessageLabs figures out that SMBs are being attacked too. Thanks Captain Obvious! - here [18]
Top Blog Postings
http://www.bakmansblog.com/2007/03/how_good_or_bad.html [19]
Link to this [19]
http://www.matasano.com/log/746/on-chains-meshes-and-defense-in-depth/ [20]
Link to this [20]
http://taosecurity.blogspot.com/2007/03/remember-that-tjx-is-victim.html [21]
Link to this [21]