Re: whitehouse cyber strategy review

[chris () blask org]

--- On Mon, 11/16/09, Rich Kulawiec <rsk () gsp org> wrote:

> I have to concur with this.  I say "have to" because I'd really like
> to disagree, but all available evidence suggests that Chris' assessment
> is spot-on.

I do that once a year just to throw everybody off.
 
> Dammit, could you be less depressingly correct on a Monday
> morning? ;-)

I'm still an optimist, though.  Recent re-diving into the SIM product landscape gives me hope.  Splunk and 
Alienvault/OSSIM have done really cool things in the past two years and I have the sneaking suspicion that we are 
creeping up on the adoptionability of more and better monitoring solutions.  A hundred people showed up for a day of 
Splunk seminars here in RTP last week and lots of them were already doing neat things (and people just don't show up 
for product seminars these days).

If we can make it possible for people to tell that they've been compromised *then* we stand a chance of getting them to 
fix the unacceptable crap.  If all we do is tell them to use better crap they'll never advance.  It's all about 
visibility.

-chris

PS - Tom Waits is the background music to my life...

"If I exorcise my devils, well my angels may leave too."


      

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.