Friday Summary, RSA Edition: March 1, 2012
Rich here, I need to apologize a bit for sending the Summary out a day late. As most of you know, this week is the big annual RSA Conference and we, Securosis, were busy as heck with conference activities. Between e10+, the Security Blogger’s Meetup, the Securosis Disaster Recovery Breakfast, and tons of conference meetings, it is the busiest week of our year. Well, except for me. As many of you know I spent the week here in Phoenix waiting for the birth of my next child. The due date was Monday, and there was no way in hell I was going to take the risk of missing that for a conference. But as you might guess based on the tone of this post, the kid is a no show. It was weird to miss RSA for the first time in many years. I was prepared to miss the social side of the show; as much as I enjoy seeing everyone, a conference is for work and I frequently dodge parties for meetings, to finish slides, or to stay rested. On the business development front I’m the first to admit Mike is a lot better at BD, and he probably closed more business for me than I could have closed myself. It was really nice to sit back and wait for the text messages of people I need to follow up with (thanks Mike!). What I didn’t expect was how much I miss the energy boost. You see, one thing about the nature of our business is that we often work in a vacuum. We advise users and vendors, and maybe get to see the outcomes someday, but we don’t get a lot of direct feedback on our work. This is important not only to ensure we that are on the right track, but it also helps keep us motivated. I don’t get a performance evaluation and bonus at the end of the year if I did well. I am extremely internally motivated. Anyone who works at home, for themselves, has to be or they don’t survive very long. But I’m also human, and we are social creatures. At RSA we get to engage with a much wider range of people than we do in our day-to-day work, and we get face-to-face feedback from people who use our research but don’t necessarily leave comments or feedback. Based on reports from the guys who were out there we are definitely on track, but hearing it isn’t the same as shaking the person’s hand or having breakfast with them. I can’t lie – I really missed that this year. I missed the feedback, good and bad, instead of talking to a blank screen or a captive audience before running to catch a plane. I don’t regret my decision in the slightest – my family is far more important than any of what i just talked about. I like the way Chris Hoff put it during the session we would have presented together had the baby come early, “the cost of missing RSA is a lot less than the cost of a divorce”. And one advantage is that I was here to get the Cloud Security Alliance Nexus launched. The CSA Nexus is a branded version of the Nexus platform we have been developing for two years. We launched with the CSA first because, at our annual internal planning meeting, we decided we needed to rework our content a bit before we go live for Securosis customers. It’s exciting to have actual, paying customers, and to get this thing out of the lab. It’s also weird to be a product manager, not just an analyst. We are going to open up our beta test again after we get a little more server work done, and we are still working out the dates for our official Securosis Nexus launch, but it should be soon. We are making a big bet on this platform, and I suspect getting actual customers in there will more than compensate for missing a few handshakes, head nods, and spilled beers. Note: since everyone was out this week and I was focused on the Nexus launch, this week’s Summary is missing most of the usual sections. Securosis in the news Rich on passwords in Digital Trends. Securosis posts Shattered Windows – the Impact of Attack Automation. Go buy Take Control of Your Passwords. Bit9 Details Breach. About the Security Blogger’s Meetup. Looky here. Adaptive Authentication works… When is a Hack a Breach? The Nexus Is Live with the Cloud Security Alliance! Everything I need to know about security, I learned in kindergarten. The end of MDM (as we know it). Or not. Attribution Meh. Indicators YEAH! Other news More Java 0-day. We are now adding this to the Summary with a weekly script. Botnet shut down live at RSA. AirWatch grabs $200M in funding. We don’t normally cover these things, but that is an insane amount of money. An interview with a ski patroller. Because I really miss ski patrol. Share: