Spent last week in San Francisco at various shows and events,
so I thought I would share some of the high (and low) points.
IDC Virtualization Conference : I was at the Virtualization show on
Tuesday just to get some variety during the week of RSA all the time. Really
not much going on here at all other than product pitch after product pitch ad-nauseam. You would have thought they
were selling condo time-shares. And here is a
hint, if you are going to inundate us with a sales pitch, at least have coffee
to keep us awake.
The only presentation that actually had a customer success
story, Pano Logic, happened to be the highlight. This is a very cool little box for client
side virtualization. From a security
standpoint, data is not floating around, as there is no disk or local memory to
steal from. And the session follows the
user to any location they choose to use. While not suitable for every user the benefits in both security and IT costs are considerable. Check it out!
Ziff-Davis: A very nice security briefing put on by Ziff Davis
Enterprise in the evening, and followed it up with excellent food & drink at the
reception. I have seen Lawrence Walsh
presentations a couple of times now and I always enjoy them, and this
particular “Risk Perceptions and Reality” was no exception. His research on where security dollars are
being spent, and presentation points on applying those dollars in a more risk
management oriented way is similar to some of the presentation I give, only his
research data is better than mine. The
major theme was ‘security will not improve until security becomes part of the business
process’. Not sure the audience was getting the point, but it was not for lack of trying.
RSA: How would I
encapsulate the RSA show? In a
word? “uhhhh”. I am too apathetic to yawn. It appears that they are still waiting for an
answer to the question “What would Turing do?”
Even the San Jose Mercury news only had a very tiny piece on Chertoff's presentation, so if they could not find much to write about you know it was bleak.
It seemed to me that the industry has fallen back onto two of the ‘security
pillars of truth’, access control and encryption. Essential ingredients to security cookbook,
sure, but nothing that appeared innovative and new. Marketing these solutions to Governance, Risk
and Compliance, which is new and possibly only 3 years too early, plus no one
seems to agree on exactly what GRC means. Oh well, here’s to next year!
Security Bloggers Meet Up 2008: The best after hours RSA party had to be the
Security Blogger’s event organized by Jennifer Leggio at Fortinet. Great turnout, great people, great food and
a whole lot of fun. I met up with people
I have not seen in 8-10 years, and met a dozen so Bloggers who I have been
reading for the last year or more. Fun and educational. Great work Jennifer!
Miscellaneous fun #1: McAfee Hacks hackers. Did you
know that? Their banner says so. I was intrigued, so I stopped by their booth
and asked for a white paper on how exactly they do this? What
is it they offer? Can I pick the hacker
to hack, or is it more random hacker hacking? How do you reduce the false positives of
hacking White Hat guys instead of Black Hat guys? What is my ROI? They took my business card and said they
would get back to me. Maybe the product
is still in Beta.
Miscellaneous fun #2: SFPD & Security. I took Cal Train into the city on Wednesday
morning. It did not dawn on me that this
may be a problem until I arrived and I heard that several of the bus lines were
shut down because of the Olympic Torch. Then I
started to worry when 10 kids with Chinese flags were walking along side of me
right into the gauntlet of Sherriff’s officers. Uh oh!
I have been to the out
front of the west wing of the White House, the executive building, the Senate and various
other official places, but I have never seen a security show like this. Every hundred yards all the way up 4th
street were a pair of motorcycle cops flanking both sides of the street. Every nook, cranny and side-street had a Police,
Sherriff, Marshall or undisclosed official vehicle standing by. Train schedules altered, bus routes changed
or halted, streets barricaded, street lights run manually, profiling of
participants, helicopters and more. Nothing
going on as I guess they moved the torch route, but the Police were clearly on
100% alert. Amazing!
Miscellaneous fun #3: A few years back, at the Oakland Coliseum, I
had a disconcerting experience. I was
walking out of the men’s room and was suddenly faced with half a dozen very
large men in suits who were angrily walking towards me with hands reaching for
me. At the last second the tall thin man
next to me told them it was OK and they stopped in their tracks and just glared
at me. I just so happened to exit the
door and bump into Michael Jordan. His
entourage was none too happy having me pop out of nowhere and be standing
within inches of their charge. Cooler
heads prevailed, but you never forget that split second feeling that things are
not OK.
So I am walking around RSA exhibitor’s area on Tuesday, down
a crowded aisle, and six guys in suits and short hair turned and are suddenly
staring at me with that same glare of concern. At first I was thinking it was a secret service detail, and maybe Al
Gore was in the area. Did I somehow look
threatening in my casual sweater and dungarees? Then I looked up and saw I was standing in front of Guardium’s
booth. Ah, now I get it! Move along! Nice to know they care.
Miscellaneous fun #4: I was over at a partner’s Booth on Wednesday. I did not recognize anyone at the booth, nor
did they recognize me. I decided to see
what they were selling and what messages they were delivering at the show. Access Control. OK, what about the other security products
you offer? I started to quiz them on
database monitoring, auditing and the like. My questions were returned with blank stares. The first person did not believe they offered
other security products … they do, trust me on this one … and the more senior
representative said “Yes, we offer that product, but we have no one here who
can talk about it”. OhhhhKay! Your spending $30K on a booth, collateral
& shipping at a Security conference, not to mention whatever employee &
lodging costs, and you don’t prepare to talk about your Security
products?!?!? Nothing like wasting an investment.
Recent Comments