Security Pie

The ramblings of three security curmudgeons

Archive for February, 2010

Word games for (Californian) children

without comments

Can you tell which of the following is a name for Marijuana (5), which is a name of a rollercoaster (6), and which is both (5)?

1. Tennessee Twister
2. Déjà vu
3. Cincinnati Cyclone
4. Afterburn
5. Pineapple Express
6. California Screaming
7. Brain Teaser
8. Blazing Fury
9. Flashback
10. Humbolt Scorcher
11. Great White
12. Hypersonic XLC
13. Hyperponic XLC
14. Invertigo
15. Woodstock’s Express
16. Bug Out

By Lockie Hunter. Answers at McSweeney’s (http://www.mcsweeneys.net/links/lists/4hunter.html).

/al

Written by assafl

February 16th, 2010 at 8:13 pm

Posted in Uncategorized

Beam me up Scotty

without comments

Beam Me Up


Through my career I have learned that in order to be successful, people need to work together and interact with other people.

When it comes to “business”, we’re connecting (doing business) with people we trust and respect. I believe that in order to create trust and some sort of bond (the actual type varies), eye contact and a handshake should be made – in other words, we need to travel.

Remote sensing technologies and “passing the ball” methods are useful to maintain a relationship but they could never be a substitute for creating it. In other words, we need to meet our customers, partners, suppliers, vendors (and family) in order to create and maintain a successful relationship.

Spending most of the 24 hours in airplanes and airports the other day, I can only ask for one thing: please make it simple to travel.

Written by sharon

February 14th, 2010 at 10:35 pm

Posted in Travel

Why???

with 5 comments

Why do we work so hard to protect user data and privacy when it seems users are very happy to place their credit card info online and broadcast their shopping? The concept of blippy.com was shocking to me. It still is. Do users understand that all this information is amassed and can be used at any time by anyone?

What makes blippy trustworthy of access to a bank account? Are they audited? Are they PCI compliant? They are not even public and (unlike TJX) have nothing to lose by compromising the security of the users’ data…

Yesterday, while analyzing business processes at a DLP account, we ran across a user that sent their entire password list in an unencrypted CSV format. Access to bank accounts, investment accounts, healthcare, Web 2.0 sites, etc.

Perhaps privacy, by 2020, will be replaced by identity insurance…

Written by assafl

February 11th, 2010 at 12:14 pm

Posted in Uncategorized

Luxury blinks

without comments

The wine industry (as we are told) is in crisis. At a recent conference (Vino2010 in New York) a group of panelists discussed the future of luxury wine (see the excellent read at http://www.vinography.com/archives/2010/02/the_future_of_luxury_wine.html). I, for one, am happy. Prices are falling. Not necessarily for the uber wines, but very decidedly for anything else. I can walk into wine shops and pick up decent wines that in 2006 were asking for very unreasonable prices.

It is a buyer’s market, and picking the wrong wine is no longer a very costly mistake. It literally takes me back to the 90s, right before (and perhaps as) the Asian and US markets conspired to jack up the prices of wines. Now that both the Asians and Americans lost their funding sources, they stopped paying exorbitantly for wine.

This is so good. The bubble has funded extensive knowhow in wines. How to extract as blockbuster a wine as possible from newly planted berries: and make a killing in the process. So there are many great wines out there. And they have no buyers, so some great ones sell for 30c on the dollar. Their future prospect is questionable: They may fold, they may redo their business model, who knows. But for now, run out and get them!

Now I do have to watch the calories, though…

Written by assafl

February 11th, 2010 at 10:28 am

Are We There Yet?

without comments

RSA Conference, the biggest security event of the year, will take place next month.

IMO now is a good time to review how we are doing as an industry, fulfilling our destination (that is, securing).

In June 2003, Gartner declared that IDS are dead and “recommends that enterprises redirect the money they would have spent on IDS toward defense applications such as those offered by thought-leading firewall vendors that offer both network-level and application-level firewall capabilities in an integrated product.”

6.5 years later, are we there yet?

Written by sharon

February 9th, 2010 at 3:59 pm