This week in security,
it's time to review.
What new vulnerability
are you subject to?
Let's scan Full Disclosure
and find us a bug.
Some new crafty malware
from a cyber-crook thug?
What poor security choice
has some CSO made?
First the VA, then Pfizer,
now A-mer-iTrade?
All things virtual are scary
vulns are real, take a look
and the TSA's profiling
your choices of book
Some MIT looney
with a fake bomb on her chest
almost got lit up
by New England's best
Compliance and legal
are all such a mess
Sarbanes-Oxley and HIPAA
PCI's DSS
Raytheon bought Oakley,
Shimel got GoogleJacked
while some poor Joe from CITI
had his LimeWire hacked
Peer to Peer and those BotNets
will be our dear network's death
The next malware vector is
ye olde PDF!
Maynor's been holed up
with guns, pills and code
Now the statutes are lifted
he's blowing his load
Curphey's gone Blue
Ptacek's gone MIA
Newby's gone English
Mogull's rejoined the fray
McAfee's Dewalt
went on a tirade
seems that cybercrime's
bigger than the world's whole drug trade
De-perimeterization,
the Jericho way
doesn't mean sell your firewall
on Craigslist or eBay
To model or measure
metrics or SWOT
Just don't define Lindstrom
as something he's not
Rothman's now helping
Grandma secure her kit
from malware like trojans and botnets
and shit
Pescatore says we need Security-three-point-oh.
InfoSec costs too much and has nowhere to go
He casually proffers his bold Gartner bet
by the year 2010 we'll be ahead of the threat.
That's it boys and girls
till I rhyme once again
Stay happy, stay secure
and now...
EOM