Pimp My Blog: TypePad Says "Rational Security Is the Schizzle, Yo!"

From the "Tooting Your Own Horn" Department...

The lovely folks at SixApart - purveyors of the fine SaaS/Hosting functionality "TypePad" (amongst others) have kindly named the blog of your's truly as today's "TypePad Featured Blog."

So, out of the approximately 1.2 Million blogs claimed as being hosted by SixApart, I seem to have offended enough of you and consumed enough bandwidth to warrant attention.  I'm praying I won't receive an email politely suggesting that I upgrade...

So, I'd like to start by thanking all the people who make this blog possible...Ummmm...

OK, so moving on, I'd like to thank all of you who read my little steaming pile of blogginess...last count has approximately 2,000 subscribers, although I believe my kids run 100 simultaneous instances of Google Reader under fake names in exchange for WebKinz and iTunes credits that I upload when they generate page views.

Seriously, though...blogging is a lot of fun.  I love blogging my ideas and interacting with the lot of you.  Even Rothman.  No, especially Rothman.  The only man I respect for wearing Crocs with socks in Vegas in 100 degree heat.  Black, of course.

I've learned quite a few interesting lessons since I started   blogging over a year ago (thanks to Alan Shimel who encouraged me to do so) and look forward to learning a lot more.  One of things I'm going to force myself to do is write less -- less words, that is.  You people have the attention spans of gnats in heat, so I'm going to make it more A.D.D. friendly.  Besides, when I leave big logic holes due to less words, you seem to participate more.

I've already told my wife I need an iPhone to make sure the blog renders correctly under Safari running on a mobile.

Now that I'm Blog King for a day (and Alex Hutton has one) she couldn't possibly turn me down, right?

/Hoff

Interviewed for Information Security Magazine - Security 7 Award Winners Article

This month's Information Security Magazine features the 2007 Security 7 Award Winners.  This year's winners represent an excellent cross-section of security professionals in seven industries, each with very diverse and interesting backgrounds, approaches and career paths:

• Michael Assante, Infrastructure Protection Strategist, Idaho National Labs
• Kirk Bailey, CISO, University of Washington
• Michael K. Daly, Director Enterprise Security Services, Raytheon
• Sasan Hamidi, CISO, Interval International
• Timothy McKnight, VP&CISO, Northrup Grumman
• Mark Olson, Manager of IS Security and DR, Beth Israel Deaconess Medical Center
• Simon Riggs, Global Head of Security, Reuters

Congratulations to all of this year's winners!  I know four of them and they're all excellent representatives of our profession.

I was one of the inaugural Security 7 award winners back in 2005 in the financial services category when I was a CISO and was interviewed over the phone recently by Michael Mimoso from the magazine as a "catching up with..." piece that complimented the profiles of this year's winners. 

Please forgive the rather colloquial nature of the transcription of the discussion, it was very much a stream of consciousness as part of a 20 minute conversation that has been edited down for size.  Some of the concatenated sentences seem to contradict one another...I didn't get to see it before it went to press ;(  Nonetheless, I appreciate the opportunity, Michael.

You can find the entire story here and my blurb here.  Shimmy, as big as a pain in the ass as you are, you'll notice that I appropriately state that I owe my blogging to you.  Thanks, pal.

For reference, here is a listing of the 2005 and 2006 winners:

2005
    Edward Amoroso (Telecommunications)
    Hans-Ottmar Beckmann (Manufacturing)
    Dave Dittrich (Education)
    Patrick Heim (Health care)
    Christofer Hoff (Financial services)
    Richard Jackson (Energy/utilities)
    Charles McGann (Government)

2006
  Stephen Bonner (Financial services)
  Larry Brock (Manufacturing)
  Dorothy Denning (Education)
  Robert Garigue (Telecommunications)
  Andre Gold (Retail)
  Philip Heneghan (Government)
  Craig Shumard (Health care)

I'd also like to call out and pay tribute to one of the 2006 award winners, Robert Garigue, who passed away in January.  May he rest in peace.

/Hoff

I Know It's Been 4 Months Since I Said it, but "NO! DLP is (Still) NOT the Next Big Thing In Security!"

Nope.  Haven't changed my mind.  Sorry.  Harrington stirred it up and Chuvakin reminded me of it.

OK, so way back in April, on the cusp of one of my normal rages against the (security) machine, I blogged how Data Leakage Protection (DLP) is doomed to be a feature and not a market. 

I said the same thing about NAC, too.  Makin' friends and influencin' people.  That's me!

Oh my how the emails flew from the VP's of Marketing & Sales from the various "Flying V's" (see below)  Good times, good times.

Here's snippets of what I said:

Besides having the single largest collection of vendors that begin with the letter 'V" in one segment of the security space (Vontu, Vericept, Verdasys, Vormetric...what the hell!?) it's interesting to see how quickly content monitoring and protection functionality is approaching the inflection point of market versus feature definition.

The "evolution" of the security market marches on.

Known by many names, what I describe as content monitoring and protection (CMP) is also known as extrusion prevention, data leakage or intellectual property management toolsets.  I think for most, the anchor concept of digital rights management (DRM) within the Enterprise becomes glue that makes CMP attractive and compelling; knowing what and where your data is and how its distribution needs to be controlled is critical.

The difficulty with this technology is the just like any other feature, it needs a delivery mechanism.  Usually this means yet another appliance; one that's positioned either as close to the data as possible or right back at the perimeter in order to profile and control data based upon policy before it leaves the "inside" and goes "outside."

I made the point previously that I see this capability becoming a feature in a greater amalgam of functionality;  I see it becoming table stakes included in application delivery controllers, FW/IDP systems and the inevitable smoosh of WAF/XML/Database security gateways (which I think will also further combine with ADC's.)

I see CMP becoming part of UTM suites.  Soon.

That being said, the deeper we go to inspect content in order to make decisions in context, the more demanding the requirements for the applications and "appliances" that perform this functionality become. Making line speed decisions on content, in context, is going to be difficult to solve. 

CMP vendors are making a push seeing this writing on the wall, but it's sort of like IPS or FW or URL Filtering...it's going to smoosh.

Websense acquired PortAuthority.  McAfee acquired Onigma.  Cisco will buy...

I Never Metadata I Didn't Like...

I didn't even bother to go into the difficulty and differences in classifying, administering, controlling and auditing structured versus unstructured data, nor did I highlight the differences between those solutions on the market who seek to protect and manage information from leaking "out" (the classic perimeter model) versus management of all content ubiquitously regardless of source or destination.  Oh, then there's the whole encryption in motion, flight and rest thing...and metadata, can't forget that...

Yet I digress...let's get back to industry dynamics.  It seems that Uncle Art is bound and determined to make good on his statement that in three years there will be no stand-alone security companies left.  At this rate, he's going to buy them all himself!

As we no doubt already know, EMC acquired Tablus. Forrester seems to think this is the beginning of the end of DLP as we know it.  I'm not sure I'd attach *that* much gloom and doom to this specific singular transaction, but it certainly makes my point:

  August 20, 2007

EMC/RSA Drafts Tablus For Deeper Data-Centric Security
The Beginning Of The End Of The Standalone ILP Market
by Thomas Raschke
with Jonathan Penn, Bill Nagel, Caroline Hoekendijk

EXECUTIVE SUMMARY

EMC expects Tablus to play a key role in its information-centric security and storage lineup. Tablus' balanced information leak prevention (ILP) offering will benefit both sides of the EMC/RSA house, boosting the latter's run at the title of information and risk market leader. Tablus' data classification capabilities will broaden EMC's Infoscape beyond understanding unstructured data at rest; its structured approach to data detection and protection will provide a data-centric framework that will benefit RSA's security offerings like encryption and key management. While holding a lot of potential, this latest acquisition by one of the industry's heavyweights will require comprehensive integration efforts at both the technology and strategic level. It will also increase the pressure on other large security and systems management vendors to address their organization's information risk management pain points. More importantly, it will be remembered as the turning point that led to the demise of the standalone ILP market as we know it today.

So Mogull will probably (still) disagree, as will the VP's of Marketing/Sales working for the Flying-V's who will no doubt barrage me with email again, but it's inevitable.  Besides, when an analyst firm agrees with you, you can't be wrong, right Rich!?

/Hoff

 

How to make a Security Sandwich out of Ron Gula and Stephen Toulouse? Just add Hoff...

Firstly, my apologies to both Ron and Stephen for the grotesque visual...especially when you consider that this ridiculous analog is all the more absurd when you consider that I'm suggesting I'm the bologna in the middle. 

Ew. 

As I write this, I regret it immediately.

I'm referring to being included -- along with the usual cast of characters; Rothman, Shimel, Williams, Stiennon, etc. -- in ITSecurity.com's Top 59 Influencers in IT Security listing.  I'm #24, right in between Gula and Toulouse!  This is how we roll, yo!

I'm sure Alan's going to complain that Amrit beat him out for #1, but I find it hysterical that John Thompson and Tom Noonan are below me!  Technically, I'm listed twice; once in the bloggers section and again under the Corporate Security Officers section. 

The only way this list is in actual order of anything is the possibility that the ranking represents the number of complaints regarding content from my rabid blog readership of 4 (and you know who you are.)  Nonetheless, thanks for voting 6 times each, ya'll!   

You can check out this interesting list of people here.

/Hoff