In the 4 years since I started Securosis, this is absolutely the most bat-sh** crazy time I have experienced. Between cramming for the cloud security training class, managing a software development project, keeping our infrastructure up and running, hitting writing deadlines, and keeping up with prospects and clients, I barely have time to breathe. Add in a couple young kids who have done their best to ensure I don’t get a good night’s sleep at home for the past 6 months… and it’s no wonder I finished last week alternating between passing out and participating in commode-based religion.
But I’m loving it. Right now I have the exact same feeling as when I hit the last couple miles in a triathlon. It’s painful. Oh so painful. But the endorphins kick in and you start thinking about life after the race.
But now isn’t the time to lose focus. So time to bang this out and move on to the next item on the list.
On to the Summary:
Rich contributed Mac Defender: Pay attention but don’t panic to Macworld.
Oracle 11G Available On Amazon AWS: Adrian’s Dark Reading post.
Mike Rothman: Cloud Security Training: June 8-9 in San Jose. If you need to know about cloud security, we’ll teach you. A few spots remain. The curriculum kicks ass.
Adrian Lane: Planning vs. Acting.
Mike Rothman: Mac Defender: Pay attention but don’t panic. Love it when a post Rich writes is highlighted on Techmeme and Daring Fireball. Especially when it’s posted on MacWorld. :-( But the traffic is well deserved – great perspectives on the next wave of Mac attacks.
Adrian Lane: Siemens Downplaying Serious SCADA Holes. Thought they would have taken a lesson from Oracle and Microsoft – I guess not.
Chris Pepper: Dilbert deals with [firewall] managment. “Keep me informed.”
React Faster and Better: New Approaches for Advanced Incident Response.
Measuring and Optimizing Database Security Operations (DBQuant).
Siemens Working On Fix For ‘Security Gaps’ In Logic Controllers.
The rise of the chaotic actor: Understanding Anonymous and ourselves.
Remember, for every comment selected, Securosis makes a $25 donation to Hackers for Charity. This week’s best comment goes to Shack, in response to Planning vs. Acting.
Except that i’m not. I’ve been there, and appreciate the whole “water cooler” thing. However, i see way too many security managers who wrap themselves in “governance” and rhetoric. C’mon. I’m not ignorant to understanding the risk and threat landscape. But all talk, and reciting the latest incedible “news story” does … What? Ours is a discipline technical in nature, and relies on technical acumen to fully understand and articulate risk. If your career is built on “water cooler” topics, i’ll likely be reading about your organization in the news in the future. I for one have had enough of the “strategists” with no tactical knowledge or understanding.