Published on Security Incite: Analysis on Information Security (http://securityincite.com)

The Daily Incite - March 10, 2008

By Mike Rothman
Created 2008-03-10 03:42
Today's Daily Incite

March 10, 2008 - Volume 3, #24

Good Morning:
I've been in Europe for the past couple of days. As you are reading this, I'll be doing the keynote speech for a customer conference held on the Continent. Between a couple of 9-12 hour flights, and a few days to think (since the Boss kindly let me come in a day early to check out the sites), I've drawn some conclusions.

Half-shower Door [1]

First of all, I have a love/hate relationship with travel. For my job, it is a necessary evil. If I'm at home for too long, then I'm not getting out there seeing the people. I'm not as good at my job if I can't field test my positions and do real research by talking to real people about the issues they have. Sure I rely on my network of contacts, but there is nothing like getting out there and chatting with folks.

Travel also takes me away from my family. I've come to embrace the homebody that likes to get up with the kids in the morning and get them ready for school. I stop working (most nights) in time to help clean up dinner and then get them ready for bed. I really enjoy that time and jealously guard it.

Yet, there is so much to see out in the World. In the US, we think old is like 200 years. You take your kids to see battlefields and the like. The stuff in the US just isn't that old. In Europe their stuff is thousands of years old. THOUSANDS. The moss on some of the ruins over here is older than the US Constitution. Now that is old, and unless you get out of your little comfortable existence - you don't get to experience that stuff. So as much as I hate being away from home, you can't see the world unless you travel a bit.

I saw a lot of families traveling together, and that is what I'm waiting for. When the kids are old enough to appreciate trips to far away lands. Not when they are pissing and moaning because the chicken nugget doesn't look the same as Wendy's. In maybe 4 or 5 years they'll be ready. And so will I. I didn't get the chance to do any of this stuff when I was a kid. It wasn't an option. But I've been very fortunate and it is an option for my family.

I can't wait to answer questions like, "Dad, why don't they have a shower door in the bathroom." For the life of me, I don't know. I've been to many countries around the world, and most of them see no problem with getting water all over the friggin' bathroom when you shower. Some have half-doors, some have no doors. Some don't even have stalls. The shower head is pretty much in the middle of the bathroom. When I'm traveling solo, it isn't an issue. But if I had 5 people around, it would be quite a mess.

I'm sure I'll make up some answer for the kids. There must be something on Wikipedia about it. Maybe I'll even ask some of my European friends why there is no need for a shower door. Today that just seems a lot more important than what's the latest and greatest on IPS, but maybe that is just me.

Have a great day.

Photo credit: "Our shower had half a door" uploaded by Gary and Kristie [2]


Top Security News

Dan is right on in this SearchSecurity interview [11]. Just do something! It doesn't have to be perfect. You don't need 5 9's precision, but you do need to start somewhere. Most folks remain paralyzed by the sheer daunting nature of all the things that can be counted, but now is not the time for analysis/paralysis. Buy Andy's book. Buy my book. Look at Dan's presentation [12] (all 426 slides of it!) on the topic and do something. Remember, time waits for no one, especially the CFO who is still waiting for you to tell him/her why you are relevant.

InformationWeek goes over 12 of them in this article [14]. Similar to full disk encryption, ensuring that data stored, transferred or otherwise pilfered on a thumb drive is protected should be a priority, given that the downside of not doing so is informing all of your customers that their data has been compromised. That being said, this blade cuts both ways in that the capabilities of these secure thumb drives could easily be turned inside out and used against you. Organizations have a few options to deal with this issue, the first being a move to turn off the USB ports on their devices. That's a pretty binary remediation and usually goes over like Castor Oil, but it's an option. For those investing in stand-alone DLP solutions (yes, despite my projections that the market stalls this year, companies will be deploying the technology), ensuring the solution provides endpoint protection is important.

new. Like this eWeek article about a new class of "anti-bot" technology that is filling the gap where AV doesn't get it done [16]. Why is this a surprise? It's the innovation, integration, consolidation cycle making yet another appearance. There will always be new threats, and the big companies cannot innovate fast enough to keep pace. So a bunch of new VC-backed companies show up to meet the perceived "need" until Big Security gets their act together. Maybe they build it or maybe they buy it, but eventually they get it. And then the need for these new companies goes away. Those that aren't consolidated go away. Wash, rinse, repeat. Jaquith has it right in his quote: the anti-spyware market that isn't a market is a great analogy. Though it's not clear there is enough of a difference in bot-based attacks to warrant a new class of technology. The reality is there have always been gaps in what AV does, and there always will be. That's why layers of security are still important.

The Laundry List

  1. See Dick run. See Jaynes try to run faster. There must be a joke in there about Jeremy Jaynes' spam conviction holding up and his sentence confirmed. Hope the big house is comfy. KY is in the mail. - Douglas Schweitzer's Blog [18]
  2. The storage and security line continues to blur. Hitachi brings FAST's technology to market with their storage stuff. Security is a feature of yet another market. - NetworkWorld coverage [19]
  3. Providing access to log data via an API is a good idea, though it's hard to see how 15 consumers of LogLogic's API is a reason to declare victory. I guess everyone has to start somewhere. - LogLogic release [20]
  4. IE 8 adds more security goodness. But until there is a NoScript-like option, it's not good enough. - Zero Day Blog [21]

Top Blog Postings

Rip Van Shavlik weighs in on the topic here [22], which must be his first substantive blog posting in a long time. Fact is, every configuration management vendor needs to figure out how and when they are going to deal with the virtualization threat. It may be a paper tiger now, but at some point it won't be. The real question is when. It would be very handy to have a crystal ball.
http://spiresecurity.typepad.com/spire_security_viewpoint/2008/03/virtualization.html [23]

http://jeremiahgrossman.blogspot.com/2008/03/100-secure-websites.html [25]

http://securosis.com/2008/03/05/principles-of-information-centric-security/ [27]


Source URL:
http://securityincite.com/blog/mike-rothman/the-daily-incite-march-10-2008