Friday Summary: January 21, 2011
Quick note: Don’t forget to RSVP to the RSA Disaster Recovery Breakfast, and sign up for the inaugural Cloud Security Alliance training class we are building and running.

I had one of those awesome, weird, enlightening experiences today… and it’s actually relevant to technology and security. Probably. The thing that initially got me hooked on blogging was how it enabled a persistent community discussion. We could all debate issues out in the open, asynchronously (since some of us spend a lot of time trapped on planes), and everything becomes part of the public record. It was like the internal peer review process we had at Gartner (which is far better than most outsiders realize) burst open and spewed all over the Internet. Sure, some blogs really sucked, and there was no shortage of trolls, but it’s how I got to meet people like Rothman, Hoff, Martin McKeay, and many many others. It also led directly to how we handle review and our Totally Transparent Research process. But over the past year we have noticed a serious decline in blogging in general and in comments on our site specifically. It’s actually a lot harder to come up with all these Summary links, because the initial idea was to share link love, but we mostly refer to the same people or link to news stories. This isn’t unique to us – a lot of our blogging friends have mentioned it (the few who still blog). We all know Twitter is the culprit. I love Twitter, but it makes me sad that we lose the asynchronous conversations and persistence (come on, no one really reads old Tweets). Even when I’m sitting at my desk I can’t keep up with everyone I want to follow. Earlier today I tweeted that I needed some review on a couple of incident response posts I’m working on. This was for a series we have been working on for a couple of months. What did I learn? We have very few comments on the posts, but I got a ton of response over Twitter and some amazing feedback via email.
Maybe I’m old, but although I still prefer having these discussions through the blog, I realize it’s time to start moving them more to Twitter. The problem will be finding the delicate balance between getting valuable feedback and contributing back to the community without ‘abusing’ the medium. We pump out way too much content for me to toss everything out to Twitter… and I’m not even comfortable tweeting links to all my posts. Any suggestions appreciated.

On to the Summary:

Webcasts, Podcasts, Outside Writing, and Conferences

The Network Security Podcast, Episode 228. Had my sick daughter on my lap while recording this one, so it might be amusing.
We are building the official Cloud Security Alliance CCSK training class, and running the first class at RSA. It’s $400, but you get a $295 voucher to take the CCSK certification test.
DB2 Security Overview. Adrian’s white paper on DB2 security features.

Favorite Securosis Posts

Adrian Lane: The Appearance Myth. This is so spot on. I stopped carrying Star Wars paperbacks in my back pocket and brushed my hair – suddenly nobody believed I was a UNIX Admin. Got my first CTO job and started wearing a collared shirt, and suddenly I must not understand the abstract factory design pattern or IPC. Wear the wrong garb and you are shunned.
Mike Rothman: APT Defeated by Marketure. And here I thought Oswald killed the APT.
Rich: Mogull’s Law. Yet another old post, but I picked this one because for some reason when I Google my name (for news alerts) this is the top link. Can’t argue with Google.

Other Securosis Posts

Dueling Security Reports: Cisco vs. Intego.
Incite 1/19/2011: Posturing Alpha Males.
SMB isn’t ready for disaster. Are you?
The 2011 Securosis Disaster Recovery Breakfast.
Fighting the Good Fight.

Favorite Outside Posts

Adrian Lane: Security fail: When trusted IT people go bad. I hate to foster the fear of ‘The Insider Threat’, but this sort of thing does happen on occasion. What’s surprising is that a firm this large did not spot the problem sooner through other IT personnel.
Mike Rothman: In defense of FUD. Jack kills it: “…a little bit of discomfort and uncertainty can drive us to question our preparedness, and rethink the challenges we face.” Love that.
Rich: A Day of Reckoning is Coming. New School on breach outcomes. It isn’t what you think.
Chris Pepper: Understanding Targeted Attacks: Two Questions.
Gunnar Peterson: Three Types of IT Leaders.

Research Reports and Presentations

The Securosis 2010 Data Security Survey.
Monitoring up the Stack: Adding Value to SIEM.
Network Security Operations Quant Metrics Model.
Network Security Operations Quant Report.
Understanding and Selecting a DLP Solution.

Top News and Posts

Oracle CPU for Q1. There was a super critical database issue with Audit Vault, but with only 2 companies using the product, the overall risk is pretty low.
GSM (cellphone) security in deep trouble.
Hackers responding to job postings with malware.
ENISA releases report on security for government clouds.
Errata Security has a run-in with an infamous security fraudster.
Twitter worm.
AT&T hacker’s chats turned in by anonymous source. I have a hard time believing the feds would build a case based on anonymous IRC logs.

Blog Comment of the Week

Remember, for every comment selected, Securosis makes a $25 donation to Hackers for Charity. This week’s best comment goes to shrdlu, in response to Funding Security and Playing God…

Your experience has shown you that finding a bug THAT YOU INTEND TO FIX is cheaper to fix early on. That’s great. But fixing is a choice, based on risk assessment. Businesses make that choice every day. And we’re not providing good arguments for them to choose something when we use circular logic to tell them they should fix it simply because we found it, and that finding it makes it certain to be a problem that will affect them.