Jan 03 2011
It felt good. I took the last two weeks of 2011 and took a hiatus from Twitter, I tried to stop reading security stories and I generally just stayed away from my home office and computer whenever I didn’t absolutely need to be working. I still used the iPad and I couldn’t leave my phones behind, but it really felt good to deprioritize social media and email in favor of spending time with my family over the holidays. And it felt good to just put a little distance between myself and all the stressors on the Internet and in my inbox.
I don’t do year end reviews and I don’t do predictions; it’s not that I’m against them, it’s that I feel there are a lot of other people out there who have a better 10K foot view than I do. Plus I hate looking back the next year and seeing how wrong I was about where everything was going. That being said, I get the feeling that 2011 will be a year of change; too many people are complaining too loudly about being burnt out. Too many people are saying ‘what we’re doing isn’t working’. There were too many high profile incidents for people to ignore and keep on doing what they’ve been doing. Or at least that’s my hope.
Alex Hutton sent out a tweet about a concept called ‘slow hunches‘ not to long ago. The basic idea is that we all have portions of great ideas floating around in our heads, it’s when these ideas bump against other ideas and let them mature over time that the real game changers start to develop. That’s a gross simplification of an entire book, but I hope it get’s the message across. I know I have a number of these partially formed ideas in the back of my head and I know from experience that a number of other people across the industry have similar ideas floating around. What I don’t know is how we get those ideas together in order to affect change. Because doing the same ol’, same ol’ isn’t working.
Maybe I’m just optimistic and nothing will change. But like the idea of slow hunches, there are so many incidents both big and small, happening right now that something has to give. Rich (Mogull) is often telling me that as long as we can continue to do business within an acceptable level of fraud, nothing is going to change. And he may be right. But I hope he’s just more of a pessimist than I am. And in the bigger picture, I’m sure he is right, since the more things change, the more they stay the same. But I can still hope that someone amongst our community will come up with a seminal idea this year that will change the way we look at security. Other than “let’s concentrate on the basics” that is.