April 04, 2013

European Security Blogger Meetup and Awards

I am happy to report that Brian Honan, with a big hand from Jack Daniel and our good friends at Tenable Network Security, is putting on the 2nd annual Security Bloggers Meetup during Infosec Europe.

The European Bloggers Meetup is of course based on the RSA Conference Bloggers Meetup that we hold every year. From what I understand it was a nice get-together last year, thanks to Firemon for sponsoring it. Now in this second year they are going to try to add European Security Blogger Awards to the mix as well.

I am both flattered and pleased to see the idea being franchised across the pond. I am waiting to hear all about it and hope to make it out to the event next year!

In the meantime head over to Brian’s blog for details and links to register for the event, nominate blogs and vote.


March 07, 2013

In Search of . . . the Elusive, Serious, Security Professional


I read with a smile Winn Schwartau’s rant in SC Magazine about his disappointment at the RSA show floor. While much of what Winn said is true, instead of blaming the people exhibiting on the show floor, maybe Winn and the rest of the attendees should take a good look in the mirror.

Blaming the exhibitors to me is the same as blaming the spammers for spam. There really is a very easy solution here. The same way that spammers would not be in business if people did not click on spam, exhibitors at trade shows like RSA would adopt different methods if they were not getting the results they want using current methods. The fact is that almost every exhibitor at RSA gets the leads they want. On top of this, as you saw, RSA had to open another exhibit hall this year. I also hear that perhaps as many as 50 other vendors inquired but were shut out of exhibit space.

As my brother used to say when I gained weight on a diet and claimed I wasn’t getting any food in the house, “someone is sneaking it in”. Whatever they are doing, it is working, so why change it? Here is a fact for Winn and those who consider themselves security pros above what is dished out on the floor at RSA: you are in the minority and perhaps not even the target of the exhibitors.

On the other hand, the attendees at RSA Conference exhibits are quite a bunch. I can’t tell you how many people I see walking around with multiple bags full of tchotchkes and swag. I call them adult trick-or-treaters. Then there are the guys who take pictures with the booth babes to show their friends. There are the lottery players who get their badge scanned at every booth in the hopes of getting that free iPad. What about the people drawn to the motorcycles and the cars? What does that have to do with security? For far too many of the people walking that show floor, a sales guy collecting their lead info is all that is required. They don’t want to speak to an engineer.

On top of this, do you know how much arm twisting you would have to do to get a sales engineer or similar talent to spend the week on the show floor? There is a reason that the people at these booths are the people they are. They are good enough to do the job. As a security company executive, how many engineers should I tie up for the week for the 3 or 4 “real security pros” who might walk by?

Here is the bottom line: RSA is a good place to find out about new companies and technologies. But if you want a deeper dive, you should set up a time after the craziness of the show to do so.

Now don’t get me wrong. I have written for years about the fact that we don’t need booth babes. On top of that I understand that most of the booths are manned by marketing and junior sales people who don’t know enough about the technology. Too many of the marketing people try to cover up not having a good message about what they do and why we must have their product with fancy, glitzy marketing.

The fact is that the exhibits at RSA are not any different from the exhibits at Black Hat, Infosec or any number of large security conferences. The tracks at RSA are in my opinion superior, but that is neither here nor there. As an exhibit floor, RSA represents the industry, only maybe bigger. Just because it is larger, why should we expect a higher level of technical prowess at the booth?

Speaking as an executive of a firm that exhibited at RSA for more than a few years, I can tell you that getting real live “security pros” like Winn to the booth is a pretty rare occurrence. The best we could hope for was to collect names and sift through them, separating the real leads from the fluff. We would take one sales engineer (usually the west coast guy) in case someone had a real question. Other than that, we made sure everyone could demo the product and knew the high points.

I am not sure what Winn wants, but I know that what the show floor represents at RSA is what the attendees respond to. It is the free market at work. If enough so-called security pros stay away from the booth babes, refuse to be scanned and truly walk away from Joe the sales guy, the exhibitors will change their tactics. But until that happens, the blame rests squarely in the mirror.


APT – It can happen to anyone, especially you

This past RSA was a memorable one for several reasons. First of all, I was glad to see the security industry move off of compliance as its reason for being. Compliance had held the industry hostage for too many years. It seems that we are now finally focusing back on security and preventing breaches rather than some lowest-common-denominator checkbox model. I think in the long run we will all be more secure for this.

Another thing I saw at RSA was the idea of security using virtualization. It is not just about securing virtual environments; it is about using hardened virtual containers to run code and apps to make sure they are not malware and can’t do any harm to our devices. These hardened virtual containers run on our devices, or they can run in the cloud or anywhere in between. The important thing is that they can’t (supposedly, anyway) get to anything valuable on our networks. If this pans out, it could have a profound impact on the way we secure our data in every segment of the market.

Perhaps one of the biggest trends though was the realization that we are under attack by very sophisticated forces, perhaps even nation states who are using very sophisticated and highly organized techniques. The report by security company Mandiant on the alleged acts by a unit of the Chinese PLA codenamed APT1 was chilling.

The thing about APT attacks is that no matter whether you are a big company or small, government related or not, you are a target. Midmarket companies should not be fooled into a false sense of security that these attacks are not aimed at you. They are! If you have IP that could be valuable, you are a target. Manufacturing, media, technology and financial companies are all potential targets. Not to be an alarmist, but if you are not doing something about defending yourself against this type of breach, you are foolish.

The good news is that many of these attacks, while they use 0-day and other unknown exploits, almost always start with a simple spearphishing attempt or something similar. Most of these attacks still succeed because the weakest link is still the person behind the keyboard. In this regard, security awareness training is still a strong tool. If you can afford a third party to come in and implement a security training program, you should do so. If not, there are plenty of web resources available that you can put together and make your own. So much of this is common sense about not clicking on links you aren’t sure about.

Of course there is no guarantee that even with all of the security awareness training in the world you will prevent an attack from being successful. That is why it is also important to have a plan in place for what to do when something happens. Don’t wait until something happens to figure out what you should do. Assume something is going to happen.

Planning for a breach is as important as trying to prevent a breach. Again, this is as important for a midsize firm as it is for a large firm. In fact, many security experts say that midsize firms are more of a target than some of the larger organizations. So again, not to be a scaremonger, but you should be planning this for your company right now. Again, there are third parties who can really help with this. IBM and their partners have lots of options. But there are plenty of resources available on the web that you can use to craft your own plan as well. Don’t let budget stand in the way of your preparedness.

I will write up some more news from RSA around BYOD, Big Data and the Cloud in my next report so stay tuned.


This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet. I’ve been compensated to contribute to this program, but the opinions expressed in this post are my own and don't necessarily represent IBM's positions, strategies or opinions.


March 06, 2013

Webcast on User Activity Monitoring with Spectorsoft and SC Magazine


My friends at SpectorSoft, makers of Spector 360, have invited me to participate in a webinar next Wednesday, the 13th, at 2pm eastern time, 10am pacific time. The webinar is entitled “Getting More Out of DLP”. It will cover how using Spector 360 can enhance your DLP coverage and give you greater control over your confidential data.

The webinar is being conducted along with the great people over at SC Magazine. 

If you can’t make it live, there will be taped versions available, but you won’t be able to ask questions then. You can register for the webinar here.

Hope to hear or see you next Wednesday!


March 02, 2013

Microsoft Trustworthy Computing Sponsors Security Bloggers Network

I am very pleased to report that once again the good folks over at Microsoft's Trustworthy Computing Group have agreed to sponsor the Security Bloggers Network.  The SBN has a long history of working with TWC and we are happy to work with them again.


Microsoft is holding their second annual Security Development Conference in San Francisco, May 14-15, 2013. The conference will feature Scott Charney, Corporate VP, Trustworthy Computing, Microsoft; Edna M Conway, Chief Security Strategist, Global Supply Chain, Cisco Systems; and Brad Arkin, Senior Director of Security, Adobe Secure Software Engineering Team (ASSET).

Conference specialty tracks target three different types of professionals: Engineers, Project Management, and Leadership. Combining keynotes from thought leaders as well as specialized breakout sessions, this conference is a can’t-miss for security professionals at any level. You can register now using this code and save $300 off the registration price: SBN@SDC#13!

I had a chance to chat with Tim Rains, director of TWC. We were going to talk about the conference, but Tim and I started talking about the TWC, the world of security and what the challenges on the horizon are. By the time we were done, we never got to the conference, LOL!

Anyway, I think you will find the conversation very interesting. Enjoy, and if you can, go to the conference.


March 01, 2013

Security Blogger Award Winners 2013

Well, it was an epic Security Blogger Meetup and awards this year. In many ways it was the best one we have had. But nothing is perfect, and we are already planning to be bigger, better and more inclusive next year. In the meantime I know many folks have been waiting to see who the winners of the Social Security Blogger Awards were. So without further ado, for the record here are the nominees and winners:

Best Corporate Security Blog

Other nominees:
McAfee Blog
CloudFlare Blog
SecureWorks Blog
Solutionary Minds Blog
Kaspersky Lab Securelist Blog
Veracode Blog
Trend Micro Blog

And the winner is:
Naked Security Blog

Best Security Podcast

Other nominees:
Liquidmatrix Security Digest
EuroTrashSecurity
SANS Internet Storm Center
Southern Fried Security
Risky Business
Sophos Security Chet Chat

And the winner is:
Paul Dotcom

The Most Educational Security Blog

Other nominees:
BH Consulting's Security Watch Blog
Security Uncorked Blog
Dr. Kees Leune's Blog
Securosis Blog
Social-Engineer.org Blog
Critical Watch Blog
The Security Skeptic Blog
The New School of Information Security Blog

And the winner is:
Krebs On Security

The Most Entertaining Security Blog

Other nominees:
Packet Pushers Blog
Securosis Blog
Errata Security Blog
Naked Security Blog
Uncommon Sense Security Blog
PSilvas Blog

And the winner is:
J4VV4D's Blog

The Blog That Best Represents The Security Industry

Other nominees:
SpiderLabs Anterior Blog
1 Raindrop Blog
Naked Security Blog
The Firewall (Forbes) Blog
Threat Level (Wired) Blog
Securosis Blog
Michael Peters Blog

And the winner is:
Krebs On Security Blog

The Single Best Blog Post or Podcast Of The Year

Other nominees:
The Epic Hacking of Mat Honan and Our Identity Challenge
Application Security Debt and Application Interest Rates
Why XSS is serious business (and why Tesco needs to pay attention)
Levelling up in the real world
Secure Business Growth, Corporate Responsibility with Ben Tomhave

And the winner is:
Meet The Hackers Who Sell Spies The Tools To Crack Your PC (And Get Paid Six-Figure Fees)

The Security Bloggers Hall Of Fame

The other nominees are:
Richard Bejtlich
Gunnar Peterson
Naked Security Blog
Wendy Nather

And the winner is:
Jack Daniel

Congratulations to all of the nominees and of course congrats to the winners. See you next year at the Security Bloggers Meetup. If you did not get an invite this year, be sure to write to info@securitybloggersnetwork.com requesting that we add your blog so you are on the list!

Special thanks to our sponsors: Qualys, Sourcefire, Akamai, Fortinet, Barracuda Networks and Jeanne Friedman and the RSA Conference!  Also a special shout out to Trainer Communications for helping with the voting as always!

February 27, 2013

Why Not Everyone Can Come to the Security Bloggers Meetup

Rich Mogull has a good post up about the security bloggers meetup today. It gives the history and details of how and why we started the Security Bloggers Meetup. I don’t disagree with anything he has to say.

On the other hand, I am here in San Francisco. Seeing some of you whom I consider my friends upset about not being invited to a party is upsetting to me. If you know me, you know that I would gladly take dollars out of my pocket and make sure you drink, eat and have a good time. But really, that is not what it is about. As Rich said, we have a waiting list for sponsors, so money is not the issue.

There are two issues at play here and they are very different. I want to make sure we understand that.

Issue 1: This is a party for the bloggers by the bloggers. As Rich wrote, that has always been the idea behind the bloggers meetup and the blogger awards. It is a marketing-free zone. No PR, no marketing, only bloggers. If you don’t blog, podcast or write about security, you should not be there. Have people been admitted in years past who didn’t blog? Yes. Some names always sneak in that we don’t catch. If you were lucky enough to get in one year, that doesn’t mean you will next year, or even this year.

Will this change in the future? I really don’t think so, though I think we need to do a better job of defining what qualifies. We will get started on that as soon as this year’s event is in the books.

Issue 2: Just because you are invited, whom can you bring with you? I hear you on this one. I brought my wife out with me to RSA this year for the first time. If she had not already gone home, I would be hard pressed not to bring her with me to the party. Same goes for your significant other, best friend, partying buddy, etc. But guys, it really becomes an issue of space. The location has capacity rules; if we go over, the SFFD can close the whole thing down. We can’t do it. As Rich said, we will look into a bigger place for next year and look at how we accommodate these kinds of requests. But for this year, the cake is already baked.

So if I or any of us have offended you, pissed you off, or you think we are being arbitrary and capricious, please forgive us. We really do try to throw the best party and awards we can for the security blogger community! Write to me with suggestions and we will do better next year.

For those two hundred or so of you who did get an invite, I am looking forward to lifting a glass and catching up.


February 25, 2013

Alert Logic Partner Pavilion at RSA 2013

RSA Conference is THE information security event of the year. As part of my coverage of this year’s conference I did a series of podcasts with some cloud/hosting providers who are exhibiting in the Alert Logic Partner Pavilion. This is the third in the series and is with Urvish Vashi, VP of marketing at Alert Logic.

I have known Urvish for over 10 years, since our time together at Interliant. Urvish was the force behind the Partner Pavilion for Alert Logic this year. Having 5 of the leading hosting/cloud providers exhibiting at the world’s largest security conference may at first blush seem a stretch. After all, are these cloud providers security providers? Yes they are!

Urvish's point is that with partners like Alert Logic, these cloud providers are providing a wide range of best-in-breed cloud security services.

This is just a short, 15-minute-or-so interview, but Urvish gives us some great insights. Check out what he has to say, and be sure to visit the Alert Logic Partner Pavilion on the show floor at RSA!

RSA 2013 Navisite at the Alert Logic Partner Pavilion

RSA Conference is THE information security event of the year. As part of my coverage of this year’s conference I did a series of podcasts with some cloud/hosting providers who are exhibiting in the Alert Logic Partner Pavilion. This is the second in the series, with Chris Patterson of Navisite.

My friends at Alert Logic have 5 of the largest cloud and hosting providers in the world exhibiting with them this year. I thought it was worthwhile to explore why these cloud/hosting providers were exhibiting at the largest security conference in the world.

I caught up with Chris Patterson, VP of Product Management at Navisite. Chris is one of the driving forces behind the Navi cloud. He also has some great insight into the state of cloud security and what market drivers are influencing the direction of future innovation.

Chris shares some great insight into Navisite's offerings including not just cloud, but security, managed desktop and the state of the market.


SunGard Availability Services at RSA 2013

RSA Conference is THE information security event of the year. Kicking off my coverage of RSA this year is a series of podcasts I did with cloud/hosting providers who are exhibiting this year in the partner pavilion of Alert Logic.

My friends at Alert Logic have 5 of the largest hosting/cloud providers in the world exhibiting with them. I was curious why these cloud and hosting providers wanted to exhibit at a security conference.

The first provider I spoke with was SunGard, specifically SunGard Availability Services. I spoke with Cara Camping, Product Manager, Managed Security Services for SunGard AS. Cara talks about SunGard's approach to security in depth, why they partner with Alert Logic and what they expect from exhibiting at RSA Conference.

Below are two slides that Cara references in our discussion:

Slide 1

Slide 2



Creative Commons License
This work is licensed under a Creative Commons Attribution-Share Alike 2.5 License.


Blog powered by TypePad
Member since 10/2005