Sometimes life sneaks up on you.
Often when I am introduced to new clients and professional contacts, it is as “Analyst and CEO of Securosis; he used to be at Gartner”. I am fully cognizant of the fact that not only is Gartner where I started my analyst career, but also that my time and title there are the reason I was able to start Securosis. Not only did I learn how to be an analyst, but the Gartner name (as much as it pains some people) still carries a lot of weight. Leaving as a VP carries even more (a gift from my former boss, who knew he could never get my pay where it needed to be).
It still carries weight to this day. We have a hell of a good brand in Securosis, but large swaths of the world have never heard of us. “Former Gartner” still helps open those doors. Even though the kind of work we do today carries very little resemblance to what I did back at the G.
To be honest, I’m not even sure we are analysts anymore. It’s still part of what we do, but only one facet.
Recently I have run into more of my former colleagues at various events. Black Hat, Boxworks, and other random analyst days and conferences. Most of them still work there, and all are shocked when I mention that I have now been running Securosis longer than I was at Gartner.
This summer we passed the 7-year mark as a company. That’s exactly as long as I was at Gartner, and I wasn’t even an analyst for my first year. It’s longer than any other professional job I have held, and almost as long as I spent at the University of Colorado (8 years for my undergrad – it’s a Boulder thing).
I still remember the first few months of the company. How I could barely sleep at night because I was so excited about what the next day would hold. Waking up early and jumping on my computer to blog, research, and spend entirely too much time on Twitter.
Seven years is a long to maintain that enthusiasm. Since then I have added three children to my family, been through two major medical challenges, and built up the stress and overhead that comes from moving from a one-person shop with no clients… to one with partners, contributors, software platforms, and dozens of active clients (not counting all the one-off projects). I now literally lose entire days purely to dealing travel plans, invoices, and expenses.
And really, no one with three kids under the age of five ever wakes up, on their own, with enthusiasm.
But despite the overhead, chronic sleep deprivation, and stress of deadlines and commitments, this is the single most exciting time of my career. I may wake up a little rough around the edges, and feel like there is never enough time in the day, but I am engaged in my most compelling and challenging work since I first entered the workforce as an underweight security guard.
About four or five years ago I placed a bet on cloud computing, and later on what is now known as DevOps. Those bets are paying off bigtime as those entangled disruptive forces trigger massive changes in how we deliver and consume technology. Aside from paying off financially (apparently there still aren’t that many people who really understand cloud and DevOps security out there), the work is… exciting. It’s a hell of a lot of fun.
Every day I wake up not only with something new to learn, but with the confidence that I can use it to support my family as I gain and expand that knowledge. It is really hard to imagine a better job (without zero gravity or secret lairs).
Although being interviewed by the Wall Street Journal on celebrity nudes was still kind of a surprise.
On to the Summary:
Webcasts, Podcasts, Outside Writing, and Conferences
- Rich quoted in the Wall Street Journal on the celebrity hacks.
- Rich’s article on the same issue at TidBITS.
- And a zillion other articles on the story.
- Mike quoted on context-aware security in SearchNetworking.
- Mike quoted on Wendy Nather being named a “Power Player” in Security. Wendy is awesome and one of our favorite people in the industry. Mike couldn’t be happier to be quoted in the piece.
- Mike’s “Change Agent” – Trusted Information Systems. Mike did a blog post/video for Digital Guardian naming a “change agent” that had an impact on how security has evolved… Check it out.
- Mortman Quoted about DevOps by the Hulminator. Chasing consistency across the wild seas of enterprise IT
Favorite Securosis Posts
- Let’s be honest: we only had three posts by Mike this week, so we’ll call them all favorites.
Other Securosis Posts
Favorite Outside Posts
- Mike Rothman: Infosec is a strange industry. Gunnar is right. There are many parallels between security and finance (another ‘strange’ industry). I’d add another to the list. Success in security is when nothing happens. If that’s not strange, I don’t know what is…
- Adrian Lane: 11 Reasons Email Is the Worst. This is fascinating – not for the insights into the limitations of email, but for its astute examination of human behavior. Worth the read!
- Rich: Not Safe for Not Working On by Dan Kaminsky. Dan really addresses the root issue here, at both psychological and practical levels. Must read.
- Gunnar: Hacker Breached HealthCare.gov Insurance Site. “If this happened anywhere other than HealthCare.gov, it wouldn’t be news,” a senior DHS official said.” Not the best excuse.
- Mortman: Bringing new security features to Docker.
Research Reports and Presentations
- The 2015 Endpoint and Mobile Security Buyer’s Guide.
- Analysis of the 2014 Open Source Development and Application Security Survey.
- Defending Against Network-based Distributed Denial of Service Attacks.
- Reducing Attack Surface with Application Control.
- Leveraging Threat Intelligence in Security Monitoring.
- The Future of Security: The Trends and Technologies Transforming Security.
- Security Analytics with Big Data.
- Security Management 2.5: Replacing Your SIEM Yet?
- Defending Data on iOS 7.
- Eliminate Surprises with Security Assurance and Testing.
Top News and Posts
- Data: Nearly All U.S. Home Depot Stores Hit
- Electromagnetic Warfare Is Here
- Beaker for Storage as a Service: J-Law Nudie Pics, Jeremiah, Privacy and Dropbox – An Epic FAIL of Mutual Distraction
- How Bout Them Apples
- ‘fake’ cellphone towers found in U.S. Many outside U.S. military bases.
- Security Trade-Offs.