StillSecure, After All These Years

  I have been so busy running around and trying to spend more time with the family that I have been negligent in talking about some of the things I have been doing.  A perfect example was last week.  Among other appearances, I was a featured speaker at the annual South Florida ISSA conference.  I have had the pleasure of appearing and attending many different ISSA chapter conferences, but I can say that my home chapter in South Florida, hands down puts on the best conference I have seen, year in and year out.  This years show was no different. From the opening CSI video spoof, to Stephen Northcut’s keynote, down to the last good bye, Jeff Dell, Tim Krabec and Pete Nicoletti, along with the rest of the team out did themselves!

The guys down here know me pretty well and read my blog I suppose. At the end of the day to thank me for speaking they presented me with a few bottles of wine with the labels as shown here.  They obviously had read my article about cloud aficionados. Anyway, if you get a chance, try to make next years show as I am sure the guys will outdo themselves yet again!

Like I have done for other conferences, the marketing team at StillSecure has given me 3 full briefing passes to Black Hat in Las Vegas to give away here on the blog.  So you know the drill, leave a comment why you are a deserving recipient and you may be one of the lucky recipients of StillSecure’s largesse.

Good Luck!

So here at Interop in Vegas again.  The show seems more subdued this year then in years past. However, make no mistake there is business being done in the meeting rooms here.  Of course what would a show be in Vegas without booth babes.  While I appreciate the female body as much as anyone, it still bothers me to sell security or technology by exploiting women.  On the whole though this year has been better.  Even Barracuda Networks who is usually one of the most brazen at the booth babe practice has cleaned it up a notch.  They still have booth babes around the Barracuda van, but at least they are dressed in smart black dresses, rather then the latex, spandex or patent leather of years past.

There is one company right near our booth though that has girls in bikinis.  While I will give them some slack for having a beach motif and so the girls in swimsuits fit it, it is still booth babe 101.  I would rather see more about what this company does.  But with them close by it does make for some good traffic patterns.

On my way to the airport to head to Vegas for Interop.  Interop is usually a good chance to catch up with folks, but it will be interesting to see what effect the economy has had. 

In the meantime if you are in Vegas for the show be sure to stop by our booth and say hello.  Also I will be speaking on the MSSP model on Tuesday, at 4:15pm.  If you can stop by and listen, ask questions, etc.

Sorry for taking so long to get this up, but after my 24 hour odyssey of a trip home from RSA I came down with a bad cold which I hope is not the swine flu.  I still feel pretty crappy, but am fighting through it.  Hey the pros play with pain.

Anyhow, RSA was a little lighter this year in terms of people but as usual a great conference.  For me the highlight was the 3rd annual security bloggers meet up and social security awards.  It was by far our biggest and best event ever.  Martin has a good post on all the goings on and who won the awards. You can see some great pictures from the meet up on Flickr or Facebook. I wanted to take a moment and say that this event took a tremendous effort by the organizing committee. Martin, Rich Mogul and I did our share, but Jennifer Leggio and StillSecure’s own Sonya Caprio really did a lot of the heavy lifting to make this event a success.  Can’t wait till next years show!

The panel I chaired on Thursday was a hoot. Of course I didn’t get a chance to say much, but with Rothman and Mogull and Mike Murray and Michael Farnum on the panel, what did I expect.  The SC Mag award show was a blast as usual too.  Ilena Armstrong and team do a great job on that.

Overall one thing that occurred to me was that over the last 8 or 9 years the amount of friends and people I have met in the security business.  I am very grateful for the their friendship and seeing them at RSA and other shows is what makes these events so special!

So I have made the annual pilgrimage to the city by the bay for RSA.  As usual I got in late Sunday night in order to be at the Americas Growth Capital Conference on Monday.  This was the 5th AGC Conference. It has become a must attend event for many CEOs and other C level execs in the security industry.  Uncle Art of RSA delivered the keynote. Based upon his previous keynotes, I am surprised there was more than 3 or 4 companies there to listen to him, as we were all supposed to disappear.  Anyway his talk focused on DLP, GRC and encryption. Hey, when you are a nail, . . .

Anyway, the Qualys party was decent enough, very similar to last year. Tonight I will be a the SC Mag awards show.  If you are here at RSA stop by the StillSecure booth and say hello!

In other news:

1. What would you pay to put perhaps your biggest competitor out of business? If you are Oracle, about 7.4 billion. Hey and you get Java to boot!  Not sure what else they get though. Not sure of the future of Solaris or Sparc.  But Larry now has added another Silicon Valley legend to the stable.  What does the future hold for MySQL?  Will they just kill it? We will have to wait and see.

2. While we are discussing M&A, Lumension bought Securityworks and Symantec bought Mi5. Ok, seems like your average deals, but I bet the Mi5 folks are a lot happier with Symantec stock then the Securityworks guys are with Lumension.

3. Cloud and GRC – So far those are my votes for this years RSA buzzwords. They seem to be all over the place. Oh and DLP becoming real this year. That sounds like a familiar tune!

4. Shameless plug. If you are here at RSA be sure to join Mike Rothman, Rich Mogul, Michael Farnum, Mike Murray and I Thursday morning for a panel on good security in tough times. Catch it if you can!

Have a great day!

Well the results are in for the first part of the balloting in the inaugural Social Security Awards for security blogging and podcasting. And quite a lesson in democracy it was. Just like in US presidential politics, it is a big country world out there and if you are going to run a popularity contest, the ones who campaign the hardest and have the most followers win. So when you look the 5 finalists in each category they may not be the ones that you and I would have guessed would be a finalist, but they are the ones who got the most votes.  Could the voting be gamed? Yes, obviously.  But more importantly, I don’t think it is a question of gamed, as much as it is that there are a lot of people who voted who may not be security pros, just interested in security.  We can think about how to do something about this next year. The good news now is that we have an all star panel of judges who will pick the winners from the finalists.

Now there are those who say that the “real” security blogs did not make it.  Some of the gang I run with and are part of the Security Bloggers Network.  Part of me feels the same way.  But at the end of the day, these awards were not for bloggers by bloggers, it was bloggers as voted on by readers and that is what we have in the results.

So to all of the finalists congratulations and good luck!  I will be the MC at the awards ceremony at RSA in 2 weeks with the winners!

Recently I was lucky enough to be interviewed by Jeanne Friedman of the RSA Conference about the great panel we have lined up for our session on making tough choices about security in a tough economy. Jeanne is a great person and though we don’t talk about it, is one of the biggest boosters of the Security Bloggers Meet up as well.

It is a short interview and you can listen to it here. Or download the MP3 file here.

I am happy to report that the good folks at the RSA conference have announced their own economic stimulus plan for the security community. They are offering 25 full scholarships for delegate passes to this years RSA show to qualified unemployed security professionals. Here are the details:

RSA Conference just announced a special scholarship program specifically for unemployed security practitioners. Designed for previous attendees who have recently found themselves unemployed, the program will award RSA Conference 2009 delegate passes to 25 individuals.

Criteria to receive a scholarship include:

• Must be an information security professional (practitioner, security architect or similar role);

• Must have attended the 2007 or 2008 RSA Conference as a full conference delegate;

• Complete a 1000 character explanation on “Why I need to attend RSA Conference 2009”; and

• Complete a 750 character biography

To enter the program, potential recipients have until Thursday, April 2, to visit http://www.rsaconference.com/2009/us/scholarship.htm and submit the requested information. Twenty-five qualified entrants will be selected at random and notified on Friday, April 3, that they have received a free delegate pass to RSA Conference.

* This scholarship only covers the delegate registration fee for the RSA Conference 2009 in San Francisco from April 20 to 24 and does not cover hotel, travel, parking or any other incidental expenses.

I think this is a great move by RSA and it will be much a appreciated by 25 lucky people out of work who win these scholarships.

I will be at Black Hat DC today catching some of the briefings and spending some time at the StillSecure booth.  If any of you are attending stop by and say hello!