Tuesday, January 1, 2013

Can we catch all the bad stuff?

I thought the NY Times had a very insightful article on the great emergence of new anti-malware type technologies. There is quite a bit of innovation in this space right now. I think the writer maybe over-stated how mainstream these types of technologies are right now (probably influenced by the insiders at the startups that they interviewed). But the underlying point is accurate that there is a trend towards new technologies the skip the impossible task of "finding bad actors" and instead either "look for possibly bad behavior" or "assume everyone is bad until they prove otherwise".  That is definitely the wave of the future.

I think one interesting dynamic that isn't touched on often enough in these things is that when we make the shift away from network security technology being detective to instead being something that must proactively allow activity, it will change the cultural expectations of network security practitioners. That is to say, right now, they are the detectives who find bad things and escalate it. In the future, they will be the regulators who must be coordinated with to enable activity on the network. This will require new skills (read: "business acumen").

Saturday, December 29, 2012

Tuesday, December 25, 2012

January ISACA meeting

Be sure to join the local IIA and ISACA chapters this month for a special 2-hour joint meeting. This is a great way to network and get two CPE.

That special event will be held on January 17.  Networking will begin at 11:00AM, with a special 2-hour program from 11:30AM - 1:30PM.

Register early, as the event may sell out.  Register at the IIA site here.

Santa's Privacy Policy

In the spirit of the holidays, I draw your attention to Santa’s Privacy Policy.         

Monday, December 24, 2012

New Portland ISC2 Chapter

Some local colleagues have recently organized a new Portland chapter of the ISC2 (sponsors of the CISSP and CAP certifications, both of which I have).


They are having their innaugural event in January.  Check it out. It will be a good addition to the other local associations that I sparticipate in (ISACA, ISSA, and Oregon/SW Washington Privacy Network).

Tuesday, December 18, 2012

Buck a hit day at Bojack.org

Doing anything Wednesday? Head on over to www.bojack.org for annual "Buck a Hit Day".  Jack Bogdanski is a somewhat crochety tax law prof, and Portland political cynic. I started reading him years ago and rarely agreed. Now, I agree about 75% of the time. Maybe I'm getting more conservative in my old age. Or maybe Portland politics are just really, really corrupt.

Anyways, he runs a good blog, and visiting it on Wednesday will cause him and his conservative buddies around town to give up a dollar on your behalf to a worthy local cause.

Friday, December 7, 2012

CIPP Study Sessions

Interested in obtaining the CIPP (Certified Information Privacy Professional) designation in 2013?  Join me and some other colleagues in preparing for the exam with some free study sessions in January-February 2013.

Details are at http://www.pdx-cipp.com