Archive for February, 2013

Feb 19 2013

Network Security Podcast, Episode 304

Published by under Podcast

And now that Martin’s home, Rich is off on baby-leave (I think that’s what it’s called). Martin and Zach briefly discuss this week’s big news — Mandiant’s “APT1” threat intelligence report, which we strongly encourage you to read yourselves. Also, Martin gives us a bit about his experience attending ShmooCon 2013 this past weekend. Spoiler alert:

We’ll likely be skipping next week’s show while attending RSA, but if you’re around, seek us out for a beer.

Network Security Podcast, Episode 304, February 19, 2013

Time: 30:23

Show notes:


Feb 19 2013

This week’s ‘must read’: Mandiant APT report

Published by under Government,Hacking,Malware,Risk

If you haven’t already read it, your homework for this week is the Mandiant APT1 Report.  Don’t read someone else’s interpretation until you’ve read the report yourself.  Don’t read the analysis of reporters and consider it good.  Read the entire report yourself and draw your own conclusions, then read what other people have to say.  But in any case, read it.


Feb 01 2013

Send me your geeks, not your marketing department

Published by under General

If you’re reading this post, chances are you’re a security practitioner and you know exactly what’s coming up in February:  RSA.  You know the dates like you know few others in your life and you plan for months to make the pilgrimage to San Francisco and the Moscone Center.  Or maybe you don’t work for a vendor like I do and you realize a week or two before the event you need to get a plane ticket.  But in either case, most security professionals know about the RSA Conference and the tens of thousands of people who will be gathering there to look at all the cool, new blinky lights and attend the parties each night.

Besides security practitioners, there are a couple of other groups who attend RSA:  Press and PR.  Press attends RSA for much the same reason that most security professionals do: they want to see the new shiny and find out what it does.  But rather than figure out how to budget for toys in 2014, the press is there to hear about the toys, then write about them for the people who can’t (or don’t want to) make it to the conference.  And the PR folks are there to do everything they can to feed that appetite for information, hopefully to the benefit of their particular client. It makes for an interesting interplay, since the people who want the most to be noticed at RSA are not necessarily the people who are actually doing the most interesting things.

I’m lucky, or unlucky, depending on your point of view; thanks to the blog and the podcast, I get to be on both sides of this particular issue.  As part of my day job for a little internet startup, I get to see a lot of the effort that goes into the PR and marketing for an event of this size.  There are literally months of planning, meetings and arguments about where booths will go, what direction they’ll be facing and what the main ‘message’ of the show will be.  Everyone does their best to make the most of an event that can literally cost their company hundreds of thousands of dollars, as they should.

The other side, for me, is being part of the press corps and doing my own best job of finding my own unique twist on the stories coming out of RSA.  In my case, this takes the form of microcasts, short interviews with other security practitioners and companies. This gives me a lot of access to talk to interesting people during the conference and share those conversations with my audience.  It works, it gains awareness for the companies I interact with and everyone benefits.  Except when the PR folks start wanting me to talk to someone in their marketing department rather than the people who are actually making the product or doing the research.

I’m a security professional; I’ve been doing both the press thing and the security thing for quite a while now.  And as such, I want to talk to someone who speaks the same language as I do, has the same mindset as I do and is more interested in the cool, geeky stuff that makes their product work than spinning exactly the right message in order to get that honey of a quote in an article.  I want to talk to someone who’s as excited about information sharing and the latest attacks as I am; I don’t want to talk to a VP of Marketing who has two or three bullet points he has to work into a conversation no matter what questions are asked.  I want to talk to someone who’s willing to go off on a tangent, even if it doesn’t directly relate to his or her company.  In other words, I want to talk to another geek!

Nothing against Marketing Directors or VPs, but I have yet to meet one that’s as excited or as knowledgeable about a product as the girl who built it.  Marketing has a purpose: to create and craft a message so that as many people as possible will hear it.  I understand and support that.  But that’s not the person I want to talk to!  Throw your ‘message’ in the corner with the hundreds of others that will be thrown at us this February.  We’re all inundated with messages, when what we really want is a live person to talk to, not a talking head who’s going to do everything possible to get the three bullet points about his company into an article.

Your marketing department’s job should be 99% done when the doors open at Moscone Center.  Get the technologists, the scientists and the uber-geeks in front of people like me and let them run with it.  The people who attend RSA, the people who read about RSA and the people listening to my podcast want to hear what they have to say, even if it isn’t neat and tidy and might ramble a little off topic once in a while.  If you really want to differentiate your company from the other 350-odd companies at RSA, this is going to be one of the best ways to do it.  At least in my case.

So let’s gird our loins and continue preparing for this year’s RSA.  Send someone who’s as passionate about security as I am to talk to me.  Let out your researchers, who you might not normally be comfortable having in front of the press.  Have a little fun after all the stress of planning this one week in February.

One final thought:  I’m not all that interested in hearing about anti-virus, firewalls or authentication technologies.  I don’t want to hear about a tweak on a technology that’s decades old.  What I, personally, want to hear about this year at RSA is information gathering, information sharing and new, unique ways of doing security.  Tell me how your company is contributing to the knowledge of security as a whole or about a new way of doing security that’s actually effective.  Don’t tell me about your new blinky light technology that I can just bolt on to my network in order to have all my problems solved.  There are no silver bullets, even Gartner knows that.
