StillSecure, After All These Years

When it is all said and done I am involved in many things at StillSecure.  I like that because it feeds my own ADD tendencies. I need to be working on different things all the time.  But the core of what I do and in many ways what I like best is business development / corporate development.  I have been in BD for a very long time and during those many years have had a chance to meet some really great people.  Generally BD people understand that what comes around goes around and a relationship which benefits both parties is one that will enjoy continued success.  As a result you tend to deal with the same folks over and over again.  The names don’t change but the companies and exact titles do. 

One of the people I have dealt with over the last few years is Michael D’Eath formerly of Mirage Networks. Michael ran BD and strategy over at Mirage for some time.  Though we never did a deal directly with each other, we did have partners in common and have gotten to know each other a bit through the NAC wars.  Anyway Michael has started a new business performing BD and CD services for companies called CMT Consulting.  He is also going to start sharing some of his tips, tricks, experience and thoughts on business development and corporate development via his new blog. It is called 3 dimensional business development.  I already like what I have read so far and am looking forward to hearing more from Michael.  If you are involved in BD or would like some great insight to what we do in business development and corporate development I recommend you read it too!

Welcome to blogging Michael and we will be reading!

Sorry for not blogging more often but am in the middle of a brutal road trip.  Last week was NYC, the week before DC.  This week I am in California and next week Colorado.  Will try to blog from the plane today, as there is much to write about!

I was going through my bookmarks in Firefox the other day (it is amazing how quickly bookmarks get out of control) and I came across my technorati log in page.  Luckily I use a password manager because I have no idea what my password is anymore for that site.  Do any of you still use Technorati? I hadn’t logged in a while myself.

I was thinking back to when I first started blogging. I used to manically check to make sure my pings were working and Technorati was indexing my posts.  How many sites linked to me (in later Technorati terms they call it your authority) was a good part of how I judged how my blog was doing.  I don’t know, somewhere along the way who cares about what Technorati says about your blog.  They just seemed to have totally faded into obscurity as far as that is concerned.  Do any of you have a different experience or opinion on their impact?  Would be interested to hear.

I posted this a few weeks ago, but we are getting near the end of nominations. If you have not done so yet, please be sure to nominate your favorite security blogs for the Social Security Awards!

Another dream of mine becomes a reality.  One of the things I have longed thought of doing was starting a security bloggers awards program. With over 200 blogs in the Security Bloggers Network, some recognition for the best of the best would be great.  There are so many great security blogs out there, with so much great content, in my mind it was only natural that we have some sort of recognition for the very best.  How to do these awards without making it a popularity contest though?  Where and when to hold an awards ceremony? Logistics, statistics and such.

It all came together this year.  Working with my fellow Security Blogger Meet up committee members, Jennifer Leggio, Martin McKeay, Rich Mogul and Jeanne Friedman we have made a Security Bloggers Awards a reality!  I am proud to give you the "Social Security Blogger Awards".  Pretty cool, huh?

This initial year of the Social Security Awards will feature awards in 5 categories:

* Best Security Podcast
Who is the voice you listen to week after week?
* Best Technical Security Blog
Who is digging deeper than anyone else?
* Best Corporate Security Blog
Which vendor's contributing the most to the blogosphere?
* Best Non-Technical Security Blog
Who's got the best 30,000 view?
* Most Entertaining Security Blog
Who keeps you riveted? Or who makes you laugh?

We will allow readers to nominate specific blogs, come up with finalists and than have a combination of reader votes and a blue ribbon panel of judges.  The judges we have lined up are:

Brian Krebs
Washington Post
Bill Brenner
CSO Magazine
Kelly Jackson-Higgins
Dark Reading
Dennis Fisher
TechTarget
Jeremiah Owyang
Forrester Research

There will be awards and surprises at the awards ceremony which will take place at the Security Blogger Meet up at RSA this year. You don't have to be a member of the SBN to be nominated, but like the old man says, "it couldn't hurt". If you would like to nominate your blog or have someone else nominate you can use this picture and link to http://www.socialsecurityawards.com

For those of you wondering, I and the rest of the committee and judges are not eligible to be nominated or win any awards.  Also in case you are wondering these awards are not for sale and you can't buy your own category ;-)

Anyway, I am really proud to see this idea becoming a reality. I hope that it will be a great program that will grow better year after year.  For now though, what are you waiting for?  Go nominate you favorite security blogs!

Author's note: Martin posted some good articles on this at the RSA Bloggers meet up site and his own blog, even if he did steal my graphic.

Related articles by Zemanta

• The Social Security Blogger Awards

And what will be the big security story of 2009?  Do you think you have the answer to either one of these?  If so leave your answer in a comment to this post.  Mitchell Ashley and I will be doing our usual year end podcast around New Years.  We would love to talk about what our readers think the big story was this year and what the big story was last year. 

If you like leave your name and we will be sure to give you the plug for your answer.  Thanks and looking forward to hearing what you think!

Haven't had a chance to blog about the SC Mag World Congress.  Not any fault of the SC Magazine folks though.  This was the most blog friendly conference I have ever been at.  Ilena Armstrong, Tony Keefe, Gil Toren and the rest of the gang at SC Magazine have really gone out of the way and rolled out a red carpet for members of the SBN.  All SBN members were eligible for free press passes for a full conference admission. In each speaker track there was a cordoned off section of seats for "official bloggers". Free wireless access for bloggers was provided.   Bloggers on request were given access to the keynote and featured speakers at the conference as well.  The bloggers who attended were very appreciative.  Other conferences should take note on embracing bloggers this way.

In spite of all of this pampered treatment, I was only able to twitter from the show.  We had a StillSecure booth in the expo and I was helping out speaking to live people.  Not that there were people lined up at the booth.  You can definitely tell the economy has taken a hard bite out here. I have never seen NYC so empty this close to Christmas.  The show itself had over 1000 people pre-registered, but I bet maybe half or so were here today.  You can tell the economy is bad too by how many are handing out resumes or asking about work. There were just not the usual amount of people with projects or budget.  The attendees were decision makers, but many were not in a position to green light any projects. Also speaking to other vendors  I heard stories of skipping RSA and other drastic reductions in spend.

The line up of speakers and topics were very impressive.  The last session today featured the two congressmen who were on President-elect Obama's cybersecurity panel.  As well as two other members of the panel.  I would think that great lineup on this important a topic would draw a standing room only crowed.  Though the room was fairly full, it was not overcrowded by any means.

This years SC Congress was their first and that may account for some lack of awareness of the show.  Also the cost of coming to and staying in NYC might keep some away.  However, I think this show has a bright future ahead of it.  NYC needs a show like this.  When the economy picks up and with more marketing from the SC Magazine team, SC World Congress will become a must attend show in the future.

I did something I have not done before. I pulled a post from the blog. I tried to make a point about the difference between on line shopping and brick and mortar shops in light of the tragedy that occurred on Friday. Instead of making a poignant comparison, I missed the mark and on reflection (and after a few comments on it) realized it was in very poor taste. Instead of doing honor to the poor person who lost their life, I was ridiculing it.  Not my intention at all.  So I pulled the post.  Sorry if I offended anyone.

One of the most prolific contributors to the Security Bloggers Network is the BelSec blog of the Belgian Security Bloggers Network.  The folks from BelSec contacted me about a year ago and asked if they could join the famous SBN.  I was flattered that they thought the SBN was famous and after checking out the sites sent them an invite. 

Well over the last year the BelSec crew have certainly proven themselves as great members of the SBN and a valuable resource to the security community.  Tomorrow (today for those in Europe) they celebrate their one year birthday. The crew at BelSec has a lot of activities planned throughout the day.  Stop over, see for yourself and enjoy.

Happy birthday BelSec and many more. Keep up the good work!

Just when we thought we would see a net loss of security analysts blogging comes word that it is not to be the case.  First former analyst and now vendor puke, Mike Rothman tells us about the big G men starting to blog out in the open. Now comes word that former G man (among other things), Richard Stiennon is once again firing up IT-Harvest and the accompanying ThreatChaos blog. Just when Rich Mogull and Adrian Lane thought they only had to compete with the 451 guys.  It just goes to show that Stiennon's first and only law on analyst blogging is indeed true.  Analysts abhor a vacuum and love to hear themselves speak (or write).

I heard that Richard was not going to re-launch ThreatChaos because he was about to take an executive position with a NAC company, but that NAC company went out of business.  Too bad, I would have liked to see Richard hawking NAC. Just kidding.  In any event and in all seriousness I actually like Richard and despite our many blog slugfests, have a lot of respect for him.  I wish him well in this old/new endeavor and I am sure he will have lots to say now that the handcuffs are off.  Look for the new Threat Chaos in the Security Bloggers Network feed soon.

VNUnet today reports that network security vendor Network Box has come out with a white paper on best practices for corporate blogging security. The paper talks about comment spam and SQL injection attacks as leading ways that blogs could be compromised.

Of course I don't see anything in there about passwords and reusing the same passwords, but hey its better than nothing.  Might be worth your time to take a quick read.