Well, no, security dweebs, we’re on a public policy kick, probably will be until the end of the year (more on that to follow, stay tuned), so you wouldn’t be so lucky.

The Plum Book’s official title is Government Policy and Supporting Positions and basically it’s a huge staffing chart for the Senior Executive Service–the political appointees.  Congress publishes the Plum Book after each presidential election, so for those of us who remember our civics lessons in high school, that would be every 4 years, and the last one was published in 2004.

In fact, you can see the last edition here.  Caveat:  it’s dry, like the uber-trocken Franken white wine that grows in the fields around where I used to live in Germany–so dry that it sucks the moisture right out of you.

Plum Pickin photo by Secret Tenerife

Now why do we care about the Plum Book?  Well, that’s a good question.  Have a look at some of the staffing plans in the plum book, and you’ll see something missing:  Agency CISOs.

Now, I’m not a rocket scientist on org charts, but it seems to me that unless you put CISOs up to where they’re answerable to the agency head, they’re just a cost center inside the IT department with no visibility to the decision-makers.  Once again, we’ve crippled our security staffs like the old-school way of doing things.

On another note, taking a quick straw poll of the agency CISOs that I know, I think about half of them are political appointees, and half of them are GS-15s.  So what’s the difference?

Well, political appointees (SES) are appointed by the President.  They make a better target because they have much more visibility from the higher-ups they are more political in nature.

GS-scale employees are civil service careerists.  Usually these are the guys who have moved up the ranks in the various agencies and know quite a bit of things.

Which is better?  Well, if you want survivability, then GS-scale is the way to go.  If you want to make the most difference, SES is the ticket.

Most of us will never get the choice. =)

Bookmark to:

Ostensibly this purchase allows JetBlue a faster and simpler path into operations. Whether it's worth it to JetBlue is hard to tell, except that they will likely be marketing this service to other airlines as a differentiator. It will be lower bandwidth than AirCell, but could be likewise cheaper and used for shorter-haul flights.

Verizon notes some of the technical details of their service's business status on a FAQ for their corporate customers, which has an oddly large amount of business detail. Verizon was obligated within two years of the end of the auction for the spectrum they occupied with their very inefficient narrowband analog service to cease operations on those frequencies. That date is about now (the certification of the auction results was close to two years ago), and Verizon clearly worked out the details to allow current customers to maintain continuity through the spectrum vacation and into JetBlue's hands on January 1.

As I noted a few days ago, a few sources had already tipped me that JetBlue's test aircraft with Wi-Fi onboard and email was using the ancient Airfone network, which is capable of slow dial-up modem speeds, rather than using the 1 MHz which could conceivably carry over 500 Kbps of data in each direction per plane.

First it was Caymas Systems, then it was Vernier Networks, now Lockdown Networks appears to be exiting the NAC market.  Of course the obvious reaction as a competitor is to say good riddance, one less competitor to deal with.  But to turn a quote on its ear, I write today not to bury Lockdown Networks, but to praise them. More than the other two NAC companies that have exited the market, I was personally in the loop on Lockdown Networks. I first heard about them when a VC friend of ours asked us about them years ago.  This was when we were still planning Safe Access and Lockdown's business plan was vulnerability management. They had not raised money yet and were still in stealth mode. We thought of them as competition for our VAM product, but wanted to see what they would come up with. I stayed abreast watching their progress from afar. Some time later, when I was looking to put together a group of companies to form a coalition to develop an independent NASL script library, knowing that they used Nessus, I reached out to them.

This is when I first met Rob Gilde.  Subsequently I also met Brett and most of the rest of the team there. I like Rob, he ran their product team, was knowledgeable and a nice guy in a west coast laid back kind of way.  In short time it became apparent  to me that Lockdown was looking to move out of the VM business.  Rob realized that just scanning and reporting was not going to make it.  He had the notion of adding enforcement to his vulnerability scanning. If you failed a vulnerability scan, you should be denied access to the network.  My initial reaction was vulnerability scans are done mostly on servers, but Rob wanted to do vulnerability scans on endpoints.  That is when I told him about our own product which we were about to release. Rob and the team re-tooled and released their Enforcer product some time later. 

I personally always thought that doing SANS TOP 20 scans on endpoints was not where it was at in NAC, but Lockdown raised money from Intel and a bunch of other folks and was making a big splash in the heady, gold rush days of NAC.  We ran into them on deals from time to time, especially in many of our major partner/OEM deals.  The good news for us, is that just about all of the time, our product was picked over theirs.

Soon rumors were everywhere that Lockdown was on the block.  Brett and team were looking to grab 20 or so major customers and quickly flip the company for a big win.  Than we began hearing that they were looking for less and less money.  Also, their PR began becoming more and more desperate.  That is when I began calling them on it in my blogging.  Evidently that got their attention.  A few Interop shows ago, Rob called me over and said he and especially Brett were really upset I called them out.  I apologized and said hey I call them as I see them.  At RSA or another show after that Brett walked right by me and tried his best to diss me.  People from NY don't get dissed that easy though.  I just laughed it off, but it was the last time I spoke to anyone at Lockdown. 

Recently we have begun to see a few customers that were choosing our Safe Access product to replace Lockdown's.  I thought this was ominous for them, but hey good for us! I truly expected to hear any day of someone picking them up at a decent price. I didn't think it would just implode.  In many ways a company shutting down is a death of a thousand dreams.  The soaring aspirations of the founders, the individual sugar plum fantasies of the early hires, the VC's thinking this could be the big hit.  Perhaps most sad of all, the customers who looked at the market and for whatever reasons decided that Lockdown offered them the best product for providing NAC and solving their problems.  Those people made a bet that Lockdown would be there to solve the issues and provide a great solution.  They as much as anyone lost that bet. 

As they do on Ebay, here is a second chance for Lockdown customers.  We will have on our web site a special offer to upgrade you to Safe Access and leverage your investment in Lockdown.  Lockdown's misfortune does not have to be yours.  We are here to help and are here to stay.  So to all of Lockdown's customers, I am sorry you are left in a hard place here, but there is help.

To Brett, Dan Clark and the rest of the Lockdown crew, most especially to Rob Gilde, I offer my sympathies that this did not turn out better for you.  You all made a great effort and you made us try harder which resulted in our product being developed faster than it would have otherwise.  For that I thank you and wish you all the best of luck in your future endeavors. This song is for you:

First it was Caymas Systems, then it was Vernier Networks, now Lockdown Networks appears to be exiting the NAC market.  Of course the obvious reaction as a competitor is to say good riddance, one less competitor to deal with.  But to turn a quote on its ear, I write today not to bury Lockdown Networks, but to praise them. More than the other two NAC companies that have exited the market, I was personally in the loop on Lockdown Networks. I first heard about them when a VC friend of ours asked us about them years ago.  This was when we were still planning Safe Access and Lockdown's business plan was vulnerability management. They had not raised money yet and were still in stealth mode. We thought of them as competition for our VAM product, but wanted to see what they would come up with. I stayed abreast watching their progress from afar. Some time later, when I was looking to put together a group of companies to form a coalition to develop an independent NASL script library, knowing that they used Nessus, I reached out to them.

This is when I first met Rob Gilde.  Subsequently I also met Brett and most of the rest of the team there. I like Rob, he ran their product team, was knowledgeable and a nice guy in a west coast laid back kind of way.  In short time it became apparent  to me that Lockdown was looking to move out of the VM business.  Rob realized that just scanning and reporting was not going to make it.  He had the notion of adding enforcement to his vulnerability scanning. If you failed a vulnerability scan, you should be denied access to the network.  My initial reaction was vulnerability scans are done mostly on servers, but Rob wanted to do vulnerability scans on endpoints.  That is when I told him about our own product which we were about to release. Rob and the team re-tooled and released their Enforcer product some time later. 

I personally always thought that doing SANS TOP 20 scans on endpoints was not where it was at in NAC, but Lockdown raised money from Intel and a bunch of other folks and was making a big splash in the heady, gold rush days of NAC.  We ran into them on deals from time to time, especially in many of our major partner/OEM deals.  The good news for us, is that just about all of the time, our product was picked over theirs.

Soon rumors were everywhere that Lockdown was on the block.  Brett and team were looking to grab 20 or so major customers and quickly flip the company for a big win.  Than we began hearing that they were looking for less and less money.  Also, their PR began becoming more and more desperate.  That is when I began calling them on it in my blogging.  Evidently that got their attention.  A few Interop shows ago, Rob called me over and said he and especially Brett were really upset I called them out.  I apologized and said hey I call them as I see them.  At RSA or another show after that Brett walked right by me and tried his best to diss me.  People from NY don't get dissed that easy though.  I just laughed it off, but it was the last time I spoke to anyone at Lockdown. 

Recently we have begun to see a few customers that were choosing our Safe Access product to replace Lockdown's.  I thought this was ominous for them, but hey good for us! I truly expected to hear any day of someone picking them up at a decent price. I didn't think it would just implode.  In many ways a company shutting down is a death of a thousand dreams.  The soaring aspirations of the founders, the individual sugar plum fantasies of the early hires, the VC's thinking this could be the big hit.  Perhaps most sad of all, the customers who looked at the market and for whatever reasons decided that Lockdown offered them the best product for providing NAC and solving their problems.  Those people made a bet that Lockdown would be there to solve the issues and provide a great solution.  They as much as anyone lost that bet. 

As they do on Ebay, here is a second chance for Lockdown customers.  We will have on our web site a special offer to upgrade you to Safe Access and leverage your investment in Lockdown.  Lockdown's misfortune does not have to be yours.  We are here to help and are here to stay.  So to all of Lockdown's customers, I am sorry you are left in a hard place here, but there is help.

To Brett, Dan Clark and the rest of the Lockdown crew, most especially to Rob Gilde, I offer my sympathies that this did not turn out better for you.  You all made a great effort and you made us try harder which resulted in our product being developing faster than it would have otherwise.  For that I thank you and wish you all the best of luck in your future endeavors. This song is for you: