Blog - Author Posts

Incite 3/17/2010: Seeing the Enemy

By Mike Rothman
“WE HAVE MET THE ENEMY AND HE IS US.” POGO (1970) I’ve worked for companies where we had to spend so much time fighting each other, the market got away. I’ve also worked at companies where internal debate and strife made the organization stronger and the product better. But there are no pure absolutes – as much as I try to be binary, most companies include both sides of the coin. But when I read of the termination of Pennsylvania’s CISO because he dared to actually talk about a breach, it made me wonder – about everything. Dennis hit the

Incite 3/9/2010 - Ten Reasons I Love the RSAC

By Mike Rothman
To stir the pot a bit before the RSA Conference, I did a FireStarter wondering out loud if social media would ever replace big industry conferences. Between the comments and my experiences last week, I’d say no. Though I can say social media provides the opportunity to make business acquaintances into friends and let loudmouths like Rich, Adrian and myself make a living having on an opinion (often 3 or 4 between us). So I figured this week, I’d do a Top 10 list of things I can’t do on Twitter, which will keep me going to the RSA Conference

Is It Wireless Security or Secure Wireless?

By Mike Rothman
As I’ve been digesting all I saw and heard last week at the RSA show, the major topic of wireless security re-emerged with a vengeance. To be honest, wireless security had kind of fallen off my radar for a while. Between most of the independent folks being acquired (both on the wireless security and wireless infrastructure sides) and lots of other shiny objects, there just wasn’t that much to worry about. We all know retailers remained worried (thanks, Uncle TJX!) and we saw lots of folks looking to segregate guest access from their branch networks when offering wireless

SecurosisTV: Low Hanging Fruit - Endpoint Security

By Mike Rothman
We’re happy to post the next SecurosisTV episode, in which yours truly goes through the Low Hanging Fruit of Endpoint Security. This is a pretty high-level view of the 7 different tactics (discussed in much more detail in the post), intended to give you a quick (6 minute) perspective on how to improve endpoint security posture with minimal effort. Direct Link: http://blip.tv/file/3281010 See it on YouTube: http://www.youtube.com/watch?v=jUIwjc5jwN8 Yes, we know embedding a video is not NoScript friendly, so for each video we will also include a direct link to the page

Securosis at RSA Conference 2010

By Mike Rothman
Rich, Mike, and Adrian keep pretty busy schedules at RSA each year, so we are likely to be quiet on the blog this week. If you happen to be at the show, here are the speaking sessions and other appearances we’ll be doing throughout the week. Hopefully you’ll come up and say “Hi.” Rich and Adrian don’t bite. Speaking Sessions STAR-106: Security Groundhog Day – Third Time’s a Charm – Mike and Rich (Tuesday, March 2 @ 1pm) EXP-108: Winnovation – Security Zen through Disruptive Innovation and Cloud Computing – Rich and Chris Hoff (Tuesday, March 2 @ 3:40pm) END-203: How to Expedite Patching

FireStarter: Will Social Media Kill the Conference Star?

By Mike Rothman
On the eve of perhaps the biggest conference we security folks have (RSA Conference), we wanted to bait the echo chamber a bit, and wonder what the future of conferences is – especially given the amount and depth of information that is available via blogs and social media. Interestingly enough, we don’t necessarily have a consistent opinion here, but we want to hear what the community has to say. Hypothesis: Security conferences continue to decrease in importance because the events don’t really help customers do their jobs any better. The Bad and the Ugly Weak sessions: In general, most

RSAC 2010 Guide: Security Management

By Mike Rothman
To end a fine day, let’s continue through the Securosis Guide to the RSA Conference 2010 and discuss something that has been plaguing most of us since we started in this business: security management. Security Management For the past 20 years, we’ve been buying technologies to implement security controls. Yet management of all this security tends to be considered only when things are horribly broken – and they are. What We Expect to See There are four areas of interest at the show relative to security management: Log Religion: Driven by our friends at the PCI Security Standards Council, the entire

Retro Buffoonery

By Mike Rothman
I’m probably not supposed to do this, as I took the security marketer’s oath to get my first VP Marketing gig. But I’m going to pull the curtain back on some of the wacky stuff vendors do to sell their product/services. Today’s specific tactic is what I’ll dub retro buffoonery, which is when a vendor looks back in time, and states that they could have stopped attack X, Y and Z – if only their products were deployed before the attack. You see this stuff all the time. Whether it was TJX, Heartland, ZeuS, or

RSAC 2010 Guide: Endpoint Security

By Mike Rothman
The fun is just beginning. We continue our trip through the Securosis Guide to the RSA Conference 2010 by discussing what we expect to see relative to Endpoint Security. Endpoint Security Anti-virus came onto the scene in the early 90’s to combat viruses proliferated mostly by sneakernet. You remember sneakernet, don’t you? Over the past two decades, protecting the endpoint has become pretty big business, but we need to question the effectiveness of traditional anti-virus and other endpoint defenses, given the variety of ways to defeat those security controls. This year we expect many of the endpoint vendors to start

Incite 2/23/10: Flexibility

By Mike Rothman
It is said that unhappiness results from either not getting what you want, or getting what you don’t want. I’m pretty sure strep throat qualifies as something you don’t want, and it certainly is causing some unhappiness in Chez Rothman. Yesterday, I picked up 4 different antibiotics for everyone in the house except me, which must qualify me for some kind of award at the Publix pharmacy. I like to think of myself as a reasonably flexible person who can go with the flow – but in reality, not so much. I don’t necessarily have a set schedule,
Page 94 of 97 pages ‹ First  < 92 93 94 95 96 >  Last ›