Securosis Blog

Last week we saw a security company hit the $2.4B valuation level. Yes, that’s a ‘B’, as in billion. This week we dig into the changing role of money and investment in our industry, and what it might mean. We like to pretend keeping our heads down and focusing on defense and tech is all that matters, but practically speaking we need to keep half an eye on the market around us. It not only affects the tools at our disposal, but influences the entire course of our profession.

I spend a lot of time on Apple security, more for personal reasons than anything else. They are the tools I use every day, and where I send most of my friends and family to manage their digital lives, so my investment runs deeper than anything financial. I have been the Security Editor over at TidBITS since about the time I founded Securosis, but I am not the only security expert over there. Joe Kissell has himself written books on the topic, and plenty of articles (mostly at TidBITS and…

There seems to something missing for us Securosis folks now that it’s the beginning of March. After some reflection we realized it’s that dull ache in our livers from surviving yet another RSA Conference. The show organizers had to move the conference to April this year, to ensure a full takeover of San Francisco. Regardless of when the conference is, there is one thing you can definitely count on: the DRB!

We were invited to run a two-hour learning lab on a topic of our choice this year at the RSA Conference. I suspect it will surprise… no one… that we chose Pragmatic SecDevOps as our topic.

Rich here.

Not to get too personal, but I had a dream about being back on ski patrol last night.

Last week the US Director of National Intelligence said cyberattacks are a greater risk than terrorism. This week we debate what that means, and whether terminology is getting so muddled that it becomes meaningless. Plus we rip into Rich’s post claiming security people need to stop thinking of themselves as warriors, and start thinking like spies.

Rich here.

These days it is hard to swing a cyberstick without hearing a cybergasp of cyberstration at the inevitable cyberbuse of the word “cyber”.

This is the final post in this series. If you want to track it through the entire editing process, you canfollow along and contribute on GitHub. You can read the first post, and find the other posts under “related posts” in full article view.

There is a ticker symbol HACK that tracks a group of publicly traded “Cyber Security” firms. Given how hot everything ‘Cyber’ is, HACK may do just fine – who knows? But perhaps one for breached companies (BRCH?) would be better. For you security geeks out there who love to talk about the cost of breaches, let’s take a look at the stock prices of several big-named firms which have been breached:

This is the sixth post in a new series. If you want to track it through the entire editing process, you canfollow along and contribute on GitHub. You can read the first post and find the other posts under “related posts” in full article view.