[SecurityRatty] tag: rally

Clinton Urges Party Unity In Powerful Convention Address

Wed, 27 Aug 2008 00:22:00 +0000

Hillary Clinton exhorts the members of her party to unite and rally behind former Democratic presidential nominee Barack Obama, saying that the nation can't afford to elect another Republican to the White House.

Whats Up With the Washington Posts Biz Section Coverage of Local Business?

Fri, 23 May 2008 17:26:02 +0000

I have been planning to write this blog post for quite some time and my thoughts were crystallized after attending the Washington Post 200 Business Forum. Katharine Weymouth the striking granddaughter of the late Washington Post Co. chairman Katharine Graham, kicked off this event to approximately 300 local business executives. During her introduction, she talked briefly about her role as the newspaper’s publisher and the fifth member of the Graham newspaper dynasty to hold that title since her great-grandfather, Eugene Meyer, bought The Post at a bankruptcy sale in 1933.

During the first intermission, I spoke with a Post journalist who covered the business section about my perspective on the reasonably horrible job the Post has done in delivering interesting stories and company profiles regarding emerging companies in the local technology community. I really think that filling the Post Business section with lots of AP stories (that I have already read online the night before the paper arrives) and stories about emerging technology companies outside of the region is a big mistake.

Given that the DC Metro region is the 2nd largest region of technology professionals in the United States, only trailing the San Francisco, CA Region, we have a huge number of fascinating start-ups that have great stories to tell about their business ideas and the new entrepreneurs in the region that are succeeding.

Is this sour grapes? In the interest of full disclosure, we have had several good discussions with Post journalists, but the stories died after the individual was moved to another “beat” and the response was, “yes that has become quite common.” But beyond the reorganizations (just today the Post announced it was reducing the newsroom staff by 10%), the Washington Post’s business section simply does not focus on a critical section of the local business community – emerging technology companies. From a business perspective, these companies are the source of innovation, ideas on “what will happen next”, and contribute greatly to a thriving (despite the economic downturn) and successful local business community.

In the past, if I did a web search about a new technology and the results were from an unknown blogger, the Mercury News or the Post, I would select the story by the Mercury News because of their great reputation for business and technology coverage. Sadly, for the Mercury News, the paper is fast losing that reputation and the key reporters that helped to build it.

The Washington Post has a unique opportunity to create a great reputation in covering this space, and my assertion is that the local business community would rally around the Post. Local coverage is so key to business leaders as you work to network at local events and learn about companies working on complementary initiatives, but today we have a real void in our regional coverage, which has a direct connection to why I recently discontinued my Post daily delivery.

Dear Katharine, some of your journalists and advertising executives agree with me. Please consider a renewed investment in the Business Section. The Post has a unique opportunity and even something I’ll call “first dibs” to tap into and become part of a thriving, vibrant technology business community that extends far beyond just a print/online newspaper. Why isn’t the paper taking advantage of this?

ShareThis

Whats Up With the Washington Posts Biz Section Coverage of Local Business?

Fri, 23 May 2008 17:26:02 +0000

ShareThis

Whats Up With the Washington Posts Biz Section Coverage of Local Business?

Fri, 23 May 2008 17:26:02 +0000

ShareThis

I just paid more than $4 bucks a gallon for the first time!

Wed, 21 May 2008 20:38:16 +0000

Returning my rent a car here in Denver, I stopped in the gas station to fill up. I paid $4.04.9 for 85 octane gas. First time I have cracked the $4 dollar barrier. I am so excited I can cry. Oil went over $133 a barrel today and I saw an analyst report that it could go as high as $200 a barrel. It seems that when George W became President I remember oil in the 20 to 30 dollar range. There really doesn't seem to be a shortage of oil, supply meets demand. So WTF? Why are prices going up daily like this? I used to think it was due to fears that another war in the Persian Gulf would break out, but I think it is beyond that now. I really feel like the markets are being manipulated and it is time for intervention.

If this does not give us as a country the will to do something about our dependence on oil, I don't know what will. Lets see a bold call to action like putting a man on the moon for this country to rally around with a goal of developing alternate energy and soon!

$13 million grant approved to fight cyber-terrorism

Mon, 12 May 2008 20:00:00 +0000

Malaysia's Prime Minister has approved a $13 million grant to lay the foundation of IMPACT, a not-for-profit global organization to rally efforts from governments, the private sector and academia worldwide, against the growing threat of cyber-terrorism.

Is IF-MAP the spark that will ignite theTCG/TNC and the security industry?

Wed, 30 Apr 2008 05:25:12 +0000

The big news at Interop yesterday was the new IF-MAP specification and standard announced by the Trusted Computing Group/ TNC group. Some may call it TCG NAC 2.0 but it actually goes way beyond just NAC. IF-MAP represents a method that allows disparate security technologies to talk to each other and leverage the information gathered from multiple sources to make better and more secure decisions about network devices, users and traffic. It has huge implications for not only NAC, but IDS/IPS, vulnerability management, SIMs, etc. Also, it represents a real opportunity for the TCG/TNC to move out beyond the shadow of NAP and really become a dominant standard for the network and security industry to rally around.

The idea behind IF-MAP is that data is stored in a central container called a MAP or meta-data access point. This data can be called upon or supplemented with more data from a wide variety of sources. You can publish, search or subscribe to the data. The format is XML. The diagram (which you can click on for a bigger version) on the left shows a sample multi-vendor configuration, but the combinations are endless. To get a better flavor for what you can do you can click here to see a PDF presentation by the TCG of IF-MAP.

I had a chance to speak about IF-MAP with Steve Hanna and Mike Fratto. If it does indeed become widely adopted this can have a profound impact on our industry. Also, Steve and the TNC is very much looking to diversify and distribute the administration of the MAP among many vendors so that it does not become a single vendor steered standard. I applaud Steve and the rest of the group for working so hard on MAP. I challenge the rest of the industry to take a look at it and work towards adopting it. It truly can help be a win for all security vendors, but most of all a win for security administrators who would finally be able to use best-of-breed products from different vendors and have them talk to and work with each other.

Microsoft launches 'End to End Trust' call to action, observers skeptical

Tue, 08 Apr 2008 20:00:00 +0000

In his keynote address at the RSA Conference here, Microsoft's chief research and strategy officer Craig Mundie sought to rally the high-tech industry and its customers to an idea Microsoft is calling "End to End Trust," a system for the Internet where identity claims can be validated according to sound security principles.

Security vendors rally around NAP

Wed, 27 Feb 2008 21:00:00 +0000

Security vendors are clamoring to announce their products' compatibility with Microsoft's network access protection, a key security feature of Windows Server 2008.

A rose by any other name

Wed, 20 Feb 2008 22:10:07 +0000

Mike Fratto had an interesting blog up today about Steve Hanna having submitted in essence the TCG/TNC specifications to the NEA working group for consideration as working group documents. According to Mike these were the only documents submitted. This actually came as no surprise to me. I have felt for a long time that Cisco was not into leading the effort to blaze their own trail regarding NAC standards any more. They were just looking for a face saving way of going along with the TNC spec without looking like they caved in and crawled to Juniper and some of the other Cisco competitors in the TCG. The NEA group is the perfect foil to call these standards by another name, but they remain the same. Frankly once Microsoft and the TCG joined forces, the writing was on the wall for Cisco. Also, the fact that so many of Cisco's NAC customers use the NAC appliance and not the NAC framework, means that frankly the whole standards thing just didn't have the same aroma it used to. The good news is that NAC customers and vendors (and not just NAC appliances, but everyone involved in the NAC ecosystem) can now all rally around one standard and build NAC systems that work.

Of course Fratto brings up "Grumpy" Rothman's incite about another down year for NAC. Mike prides himself on predicting the obvious that NAC would not live up to its hype last year. For this year he sees NAC moving into the network (NS, Sherlock). Mike finishes up with his who gives a hoot about standards spiel. I think on that score, Fratto sets Mike straight and I will defer to Mike F.

Also to note Mike Rothman refers to another crystal ball blog article, this one by Thomas and Nate over at Matasano. With my history of mixing it up with Thomas, I don't want to come off as sour grapes on Thomas's outlook for NAC. But I think in a classic case of when you are a hammer, everything looks like a nail , Thomas looks at NAC from the point of view of the kind of research he does. The fact is what most customers want their NAC to do is not anywhere near what Thomas is talking about or the kind of things he researches. I also am not sure he is up on all of the different technologies used in NAC because you certainly don't need "100 crappy 1U security boxes" to do NAC across the enterprise. I do think Nate has a better handle on it, with NAC becoming a feature on switches and in endpoint agents.

Frankly, I am always baffled by these predictions on NAC. I always wonder why they are not talking to our customers. I find it hard to believe that I or the rest of us at StillSecure were that smart. We have recognized from the beginning that working with network vendors was going to be key in the NAC market. So we have forged OEM and partner relationships with most of the switch vendors out there. We have tried hard to allow NAC to leverage existing investments in security. I think most of the customers and people looking at NAC see the value in it. No, it is not the silver bullet (and maybe that great white hope tag is what is dragging down perceptions by some) but it is a great tool for security and compliance for most companies. I know we are not alone among NAC vendors seeing this either. Yes there was a lot of snake oil out there, but I think the shake out is by real players staying and the BS walking.