December 22, 2009 – Volume 4, #41

Good Morning:

Another of my holiday rituals is the annual pilgrimage up
North to spend the winter break with my in-laws. This involves first
packing up the family truckster, which includes the optional roof rack
just to ensure we can fill the car to the gills with crap we don’t need
for a 10 day journey. But I gave up trying to get the Boss to pack the
stuff we actually "need," so I just dutifully load up the car and get
ready to go.

The drive takes between
10-11 hours depending on traffic. Most of my friends send their
condolences a day or two ahead of the trip, knowing what it would be
like to spend 11 hours in a car with their kids. But I have to give
thanks to Moore’s Law, which has enabled us modern conveniences like
the portable DVD player and the car stereo with the AUX jack, so my
kids can watch movies for 10 hours, while I drive.

Truth be told, the trip is a lot harder on the Boss than it is
on me. She’s actually got to deal with them for 10 hours. Between the
elbowing (it’s amazing how even in a 7 person van, the kids have to
poke and prod each other for a majority of the trip), the constant
hunger pangs, the "are we there yet?" questions and the arguments about
who gets to pick the next movie, I’m just glad to be the designated
driver.

After 6 years of making this drive, everyone knows my process
already. I get pretty grumpy when packing the car, since I know we
don’t need half the stuff we are taking. I get even grumpier when we
are trying to get out of the house, since it takes an hour to do the
last 5% of stuff to finally get on the road. And about 2 hours in, I
get into the zone. I’ve got my iPod cranking music, the kids have
settled in, and I just drive.

This year the Boss got a lot smarter about movie selection.
Part of her agony was having to watch the kids movies/shows for 10
hours. I mean, who wouldn’t be homicidal after listening to 4 hours of
the Wiggles, and have another 6 hours to go? But this year, she hit the
bargain basement DVD bin and came back with gems like Groundhog
Day and Back to the Future. Amazingly
enough, the kids enjoyed those classics and my wife was reasonably sane.

But this trip was a bit different in that we were trying to
beat a pretty severe winter storm. The original plan was to leave
around noon, but we called an audible at the line and decided to take
off around 9 AM, and a good thing we did. We were literally on the
front end of the storm that dumped almost 2 feet of snow on the
Mid-Atlantic region. There were times we got ahead of the storm and
were able to motor, but during the next potty or gas stop, the weather
seemed to catch up and drop snow on us. If we hadn’t left early, we may
still be on the road.

On the last gas stop as the snow was really starting to fall, I could
have sworn I saw the Yeti saunter in and buy a case of Bud. He was
about 8 feet tall, had white hair all over, and was wearing a Lynyrd
Skynyrd shirt. Who knew that the abominable snowman loved Southern
Rock? I asked if he needed a lift further North, but he politely said a
couple of feet of snow and a case of Bud was all he needed. Now that is
a guy that understands his definition of happiness.

Have a
great day.

Photo: "Happy
Fun Yeti!" originally uploaded
by spitecho
Technorati: Information
Security, CSO,Security
Mike, Internet
Security

The Pragmatic CSO: Available Now! Read the Intro and Get "5 Tips to be a Better CSO" www.pragmaticcso.com

Follow me on Twitter: @securityincite I’m not sure where I’m going, but I’ll get there in 140 characters – or less…

Incite 4 U

1. All hail Czar
   Howard – Just as many of the pundits didn’t think there
   would a US Cyber Czar appointed, it looks like Howard Schmidt will be under the White House
   Xmas tree this year. And all I can do is shake my head a bit
   and wish him good luck. Howard knows the folks that need to be
   known both in industry and within the Beltway, but part of me just
   figures this is moving more deck chairs around the Titanic. Will he be
   empowered? What is his metric of success? Maybe the public announcement
   will clarify these things, but most likely not. I suspect the best gift
   you can get Howard is a Redskins helmet. He’ll need it as he bangs his
   head against the wall in DC for the next couple of years.
2. Playing both
   sides of the cyber-ball – Given that a new Cyber-Czar has
   been named, it’s interesting to check out John Pescatore’s post here about playing
   cyber-offense and defense, and his point that the guys that
   play offense (hackers, et al) are not the right guys to be protecting
   the flanks. He speaks the truth because any senior security position is
   more political than technical now. It’s about persuasion and
   operations, not about IPS Kung Fu. To be clear, John makes the point
   that the flow of information from the offensive minded is important (to
   know what you are defending against), but the skill sets are different.
   Yes, pragmatic fellow that Pescatore.
3. FIRE burning
   on the dance floor – It’s always interesting to see how
   other constituencies view security companies. This piece on Seeking Alpha about an investor’s analysis
   of SourceFire is interesting. The guy makes interesting
   points about the seasonality of the business, and also has valuation
   concerns (what’s the issue with a 60x earnings multiple?). But
   ultimately the stock right now is a mo-mo play. High valuation, but
   good growth and the Street pays a premium for that. But it also means
   that what the Street giveth, it will taketh away – at the first
   indication of slowing growth.
4. Who’s that
   router talking to? – A lot of us have spent years in the
   trenches and take a lot of good security practice for granted, which is
   always a dangerous thing. This piece by Joel Snyder on SearchSecurity is a good
   reminder that we need to be well aware of who and what our edge devices
   are doing. Joel’s point here is to make sure outside access
   on promiscuous protocols like SNMP is turned off, which is good advice.
   It gets back to my opinion of Network Security 101. Lock down the
   traffic that is allowed to enter (yes, default deny), make sure you
   understand the traffic flows on your networks and look for what is
   different. Given we are dealing with an infinite attack surface,
   looking for anomalies is one of the only ways to keep pace.
5. Amen to Risk
   Adjectives – Great post and point by Gunnar
   about the need to lose the generic "risk" term from our vernacular.
   Without some means to describe what risk we are talking about (the
   aforementioned adjective), the term is meaningless. And that’s always
   been my big problem with anything risk-centric. The term can mean
   something different to everyone, and therefore it means nothing. So if
   you hear the "R" word come out of your mouth, make sure it’s qualified
   so there is no uncertainty about what kind of risk you are talking
   about.
6. Cisco’s
   non-existent Security Strategy – Kudos to Jon Oltsik for
   beating me to the punch in questioning what Cisco is doing in security
   nowadays. My sentiments exactly. Since Jayshree Ullal left,
   it seems there is no one driving Cisco’s security strategy. The STBU is
   really IronPort with new business cards. I mean, how old is the frackin
   Self-Defending Network? Cisco is making announcements around the fringe
   and not really evolving their strategy to deal with the evolution of
   the attack surface. As Oltsik points out, Cisco is still moving a lot
   of equipment, but that’s because they are Cisco – not because the
   products are reflecting the market reality. You don’t think of Cisco as
   a follower, but in security that’s exactly what they’ve become.
7. Facing your
   own demons – Many of us know Bill Brenner of CSO. You’ve
   probably spoken to him or at a minimum read his stuff at TechTarget or
   his current gig. But you didn’t really "know" Bill. I certainly didn’t.
   But through his new personal blog, The
   OCD Diaries, I am getting to know Bill a lot better. I knew
   he was funny and a bit quirky (who in security isn’t?), but in reading
   about his battles to address his mental health issues and deal with
   loss, you gain a real appreciation for the man and for his courageous
   journey. Not many have the stones to bare their soul in a public forum,
   but those that do can teach all of us a lot. Keep up the good work
   Bill, both on the blog and on yourself.