In the 4 years since I started Securosis, this is absolutely the most bat-sh** crazy time I have experienced. Between cramming for the cloud security training class, managing a software development project, keeping our infrastructure up and running, hitting writing deadlines, and keeping up with prospects and clients, I barely have time to breathe. Add in a couple young kids who have done their best to ensure I don’t get a good night’s sleep at home for the past 6 months… and it’s no wonder I finished last week alternating between passing out and participating in commode-based religion.
But I’m loving it. Right now I have the exact same feeling as when I hit the last couple miles in a triathlon. It’s painful. Oh so painful. But the endorphins kick in and you start thinking about life after the race.
But now isn’t the time to lose focus. So time to bang this out and move on to the next item on the list.
On to the Summary:
Webcasts, Podcasts, Outside Writing, and Conferences
- Rich contributed Mac Defender: Pay attention but don’t panic to Macworld.
- Oracle 11G Available On Amazon AWS: Adrian’s Dark Reading post.
Favorite Securosis Posts
- Mike Rothman: Cloud Security Training: June 8-9 in San Jose. If you need to know about cloud security, we’ll teach you. A few spots remain. The curriculum kicks ass.
- Adrian Lane: Planning vs. Acting.
- Rich: Sowing the Seeds of Token Panic.
Other Securosis Posts
- End Users, Fill out Our Security Marketing Content Survey.
- Incite 5/25/2011: Rapturing the Middle Ground.
Favorite Outside Posts
- Mike Rothman: Mac Defender: Pay attention but don’t panic. Love it when a post Rich writes is highlighted on Techmeme and Daring Fireball. Especially when it’s posted on MacWorld. 🙁 But the traffic is well deserved – great perspectives on the next wave of Mac attacks.
- Adrian Lane: Siemens Downplaying Serious SCADA Holes. Thought they would have taken a lesson from Oracle and Microsoft – I guess not.
- Chris Pepper: Dilbert deals with [firewall] managment. “Keep me informed.”
Research Reports and Presentations
- React Faster and Better: New Approaches for Advanced Incident Response.
- Measuring and Optimizing Database Security Operations (DBQuant).
- Network Security in the Age of Any Computing.
- The Securosis 2010 Data Security Survey.
- Monitoring up the Stack: Adding Value to SIEM.
- Network Security Operations Quant Metrics Model.
- Network Security Operations Quant Report.
- Understanding and Selecting a DLP Solution.
Top News and Posts
- New version of Mac malware doesn’t require password.
- Siemens Working On Fix For ‘Security Gaps’ In Logic Controllers.
- Keys to the cloud castle.
- The rise of the chaotic actor: Understanding Anonymous and ourselves.
Blog Comment of the Week
Remember, for every comment selected, Securosis makes a $25 donation to Hackers for Charity. This week’s best comment goes to Shack, in response to Planning vs. Acting.
Except that i’m not. I’ve been there, and appreciate the whole “water cooler” thing. However, i see way too many security managers who wrap themselves in “governance” and rhetoric. C’mon. I’m not ignorant to understanding the risk and threat landscape. But all talk, and reciting the latest incedible “news story” does … What? Ours is a discipline technical in nature, and relies on technical acumen to fully understand and articulate risk. If your career is built on “water cooler” topics, i’ll likely be reading about your organization in the news in the future. I for one have had enough of the “strategists” with no tactical knowledge or understanding.
Comments