Friday Summary: January 27, 2012
This is the Securosis Friday Summary. For those of you who don’t know this is where Rich and I vent. When I started working with Rich I used to loathe writing this intro; now it’s therapeutic. It gives me a chance to talk about whatever is on my mind that I think people might find interesting. Sure, most Friday posts talk about security, but not always. If such things bother you – as one reader mentioned last week – search within the page for ‘Summary’ to avoid our ramblings.
Security Burnout? Breach Apathy? Repetitive task depression? Been there, done that, got the T-shirt to prove it? If you have been in security long enough, you will go through some security-industry-induced negative mental states. It happens to everyone on the security treadmill – it’s the security professionals’ version of the marathon runners’ wall. A tired, disinterested, day-to-day grind of SOSDD. I know I’ve had it – twice in fact. Once as an IT admin reviewing the same log files over and over again, and again from writing about security breaches caused by the same old SQL injection attacks.
Rich, James Arlen, and I got into a conversation about this over dinner the other night. Rich and I have achieved a quiet inner peace with the ups and downs of security, mainly because our work lets us do more of what we like and less of the daily grind that folks in IT security deal with every day. Usually during my career, with vacations frowned upon for startup executives, conferences were a source of inspiration. Actually, they still are. Presentations like Errata Security’s malicious iPhone and Jackpotting Automated Tellers can renew my interest and fascination with the profession. I go back to work with new energy and new ideas on what I can do to make things better. Somewhere down the line, though, reality always settles back in. As with life in general, I try not to get too worked up about this profession, but to find the pieces that fascinate me and delve into those technologies, leaving the rest of the stuff behind.
On Monday during the RSA Security Conference, Mike, Rich, David Mortman, and I will be helping with the ‘e10+’ event. The idea of this session is to provide advanced discussions for security pros who have been in the field over 10 years. We talk about some of the complex organizational problems security folks deal with, and share different strategies for addressing problems. Of course there is no shortage of interesting problems, and there are some heavily experienced – and opinionated – people in the room, so the discussion gets lively. It’s not on the agenda, but it dawned on me that dealing with security burnout – both causes and reactions – would actually be a good topic for that event. How to put the fun back in security. I hope our talks will do just that. Rich has some great ideas on consumerization and risk (yeah, I know – who thought risk could be interesting?) that I expect to spark some lively debate. Usually during RSA I am too busy worrying about my presentation or meeting with people to see much new stuff, but this year I am looking forward to the event.
On to the Summary:
Webcasts, Podcasts, Outside Writing, and Conferences
- Rich, Adrian, and Shimmy discuss NoSQL Security with Couchbase and Mongo founders.
- Adrian, Jamie, and Rich on the NetSec Podcast.
Other Securosis Posts
- Our Research Page with every freakin’ white paper we’ve done in the last three years.
- Implementing DLP: Getting Started.
- Incite 1/25/2011: Prized Possessions.
- Bridging the Mobile Security Gap: Staring down Network Anarchy (new series).
- Implementing and Managing a DLP Solution.
- The 2012 Disaster Recovery Breakfast.
- Baby Steps toward the New School.
Favorite Outside Posts
- Mike Rothman: Executives could learn a lot from Supernanny. Kevin hits it on the head here, just as Wendy did last week. Without even enforcement of the rules you’re lost. Unless you are Steven Seagal (and you’re not), no one is Above the Law.
- Adrian Lane: Implementation of MITM Attack on HDCP-Secured Links. Fascinating examination of an HDMI encryption attack – in real time – for fair use. It’s a bit on the technical side but does get to the heart of why DRM and closed systems stifle innovation.
- Rich: Pete Lindstrom’s take on recent SCADA vulnerability disclosures. I disagree with Pete a lot. It’s hit absurd levels in the past on a mailing list we are both on. And while I don’t agree with his characterizations of vulnerability research justifications, I do agree that for some things – especially SCADA – we need to think differently about disclosure.
- David Mortman: Google+ Failed Because of Real Names.
Project Quant Posts
- Malware Analysis Quant: Monitoring for Reinfection.
- Malware Analysis Quant: Remediate.
- Malware Analysis Quant: Find Infected Devices.
- Malware Analysis Quant: Defining Rules.
- Malware Analysis Quant: The Malware Profile.
- Malware Analysis Quant: Dynamic Analysis.
- Malware Analysis Quant: Static Analysis.
- Malware Analysis Quant: Build Testbed.
Research Reports and Presentations
- Tokenization Guidance Analysis: Jan 2012.
- Applied Network Security Analysis: Moving from Data to Information.
- Tokenization Guidance.
- Security Management 2.0: Time to Replace Your SIEM?
- Fact-Based Network Security: Metrics and the Pursuit of Prioritization.
- Tokenization vs. Encryption: Options for Compliance.
- Security Benchmarking: Going Beyond Metrics.
- And in case you missed it: Our Research Page with every freakin’ white paper we’ve done in the last three years.
Top News and Posts
- Kill pcAnywhere Right Now!
- We the People: Populist Protest Kills SOPA (Again).
- The spam tag cloud: Keeping you up to date on what’s important in life!
- Trojan Trouble-ticket system. Say what you will about malware authors, but they’re usually highly adept at software development tools and techniques.
- Defacement frenzy via our friends at LiquidMatrix.
- O2 leaking mobile numbers to web sites.
- Symantec acquires LiveOffice.
- Norton Source Code Stolen in 2006.
Blog Comment of the Week
No comments this week. We need to start writing better posts!