Tags: hackers, Internet security threats, Verizon Business, Internet Dedicated Access, Vulnerability Management, Paula Rhea, Cindy Bellefeuille

Tags: Bob Thacker, brand engagement, Elf Yourself, Jennifer Jones, Marketing Voices, Office Max, social media, viral campaign

Intel maintains a “threat agent library,” with profiles of security threats, and the agents who might perpetrate them. It also uses real-time threat scenarios, or war games, to try to bring information about the actual environment together with threat agents and threats to test and improve threat response.

From fending off ordinary hackers to more organized crime or cyber terrorism, Casey’s role is like that of an IT secret agent working to keep Intel’s secrets out of the hands of real-world threat agents.

Casey blogs about IT security at IT@Intel. In a recent blog post, Power Tools in Information Risk Management, he discusses the tools he uses in managing information security risks at Intel. Check out other Intel blogs at Intel Open Port. (A recent post by Intel’s Matthew Rosenquist’s notes that the threats to network security are living, breathing opponents who are creative, knowledgeable, motivated, and have personal objectives in mind.

Related Stories: IntelSecurity

Some photos in video courtesy of: Adam Schuster, Andrew Dill, Christos (Christos_m2001), James (monkeyatlarge), Stuart Seeger, The Lucid Moment, Torstein Haldorsen and Windell Oskay, via Creative Commons Attribution 2.0 Generic License; Bill Hails and Herman Yung, via Creative Commons Attribution-No Derivative Works 2.0 Generic License; Christina X, Eduardo (tnarik), Lachlan Hardy, Mahalie, pingnews.com, and Rahmat Dornbrook, via Creative Commons Attribution-Share Alike 2.0 Generic License.

Tags: Security risk assessments, security risk modeling, security threats, threat agent library, network security, Intel, TIm Casey, information security, war games, hackers, cyber terrorism, threat agents, Open Port, Matthew Rosenquist, IntelSecurity

Morris Chang helped create the fabless chip industry. And in doing so, he created a massive innovation platform by enabling small bands of chip designers to buy production time as they needed it. Chip companies no longer needed to own and maintain hugely expensive chip fabs.

John Hennessy helped develop the RISC microprocessor, whose features are found in all modern microprocessors. As president of Stanford University, he has made huge contributions to education, and the creation of a student body that has gone on to found many of Silicon Valley’s largest companies. And his work has helped generate huge licensing revenue for the university.

David Patterson made important contributions to microprocessor design and RAID data storage technologies. As head of Computer Science at the University of California at Berkeley, he has helped educate generations of computer engineers.

Charles Thacker helped create the personal computer. His work at Xerox Palo Alto Research Center led to the Alto, the machine that inspired Apple Computer and featured a windows graphical user interface. He co-developed Ethernet and also the laser printer.

Tags: Morris Chang, John Hennessy, David A. Patterson, Charles Thacker, John Hennessy, David Patterson, Charles Thacker

IT@Intel

Tags: Sanjay Rungta, Intel, Network Engineering, hackers, internal threats, VPN, OnConnect Authentication, IT@Intel

Each of the participating teams (31 in all) were given 90 seconds to demo their hack before a panel of seven judges. The judges included David Filo, co-founder of Yahoo!; Brad Horowitz, VP, Yahoo!, Christian Heilmann of Yahoo!, Ashish Gupta, managing partner of Helion Venture Partners, and others.

There were about 10 winners that won prizes under different categories.

Right after the winners were announced I caught up with David Filo and Christian Heilmann to find out what they thought of hackday India, which is the first hackday in Asia and the third in the world. The previous two hackdays were held in Santa Clara and London.

Tune in to find out what David and Christian had to say about hackday India and the creativity of Indian hackers.

Tags: David Filo, Brad Horowitz, Christian Heilmann, Ashish Gupta

Tags: hackers, Bangalore, Open Hack Day, Sunnyvale, Joe Arnold

Tags: Burning Man, Black Rock City

Tags: Burning Man, renewable energy

Related Stories: IntelSecurity

Tags: Malcolm Harkins, Intel, Jason Lopez, IntelSecurity

In this video interview, Gina talks about how she got started (tracing it back to a college job at a computer lab), provides advice to aspiring bloggers, and general impressions on Blogher. She also talks about her new book, that carries the title of her blog.

Gina sat on a few panels at the conference, one on tools and tricks for blogging and another on moving from blog to book.

Tags: Dawn Cardon, Jessica Verrilli, The Experience Project, Gina Trapani, Blogher

Info Sec Sell Out

Tags: Information Security Sell Out, troll, hackers, Cutaway, Apple worm, Info Sec Sell Out

As Wendy says here, “There is no creativity in consumerism… makers don’t make good consumers. The less you know, the less you can make, the more you’re going to buy.” Want to produce a Swap-O-Rama-Rama where you live? You can! Because it’s Creative Commons licensed! Contact Wendy on the site and she’ll get you started!

Tags: Wendy Tremayne, Green Acre, RyanIsHungry, Swap-O-Rama-Rama, Maker Faire, Creative Commons

Tags: Marc Powell, anarchist, hacker, food hacking, social networking

Tags: blogosphere, Tailrank, memetracker, Kevin Burton, Jonathan Moore, Spinn3r

More information at:
Symantec.com

(more…)

Tags: Symantec

More images on Flickr.

Transcript:

Host: Michael Johnson - PodTech
Guest: Martin McKeay - Network Security Podcast
Guest: Stephen Toulouse - Microsoft
Guest: Richard Stiennon - Fortinet
Guest: Richard Mogull - Gartner
Guest: Bruce Schneier - Schneir.com
Guest: Lori MacVittie - F5 Networks
Guest: Eric Green - Larstanpodcasting.com
Guest: Ron Gula – blog.tenablesecurity.com
Guest: Ryan Singel - 27bstroke6
Guest: Brian Krebs - Washington Post
Guest: Michelle McLean - ConSentry Networks

Michael Johnson - PodTech
This is Michael Johnson and we’re here at the Foreign Cinema restaurant in San Francisco, a very unique restaurant in which many of the nights they show movies outside, projected on a wall. We’re here at the site and on the occasion of the RSA 2007 Conference, and we’re here with a lot of people from across the country that are security bloggers, we’re going to talk to a few of them to see what’s on their minds or what they’ve been blogging about lately.

Martin McKeay - Network Security Podcast
I mean this is only happening once a year, there is a lot of us with a lot of voices out there, and well, we like to talk. So, it’s a really good thing to have this group together and (Voice Overlap). So, I wanted to give our sponsors, Microsoft and Fortinet, a couple of minutes to talk and they will tell you why they decided that it was worth sponsoring this event.

Stephen Toulouse - Microsoft
Hello everyone, I’m a Mac

Speaker
Don’t do that to me, I want to be the Mac.

Speaker
(Inaudible)

Stephen Toulouse - Microsoft
He said, I believe the exact phrase was, if I were shopping for a computer today, I would want to buy a Mac, that’s what he said, in that email, he’s being purposely dramatic, but that was Jim, as those who have ever talked to him know.

Speaker
That was Jim in the past tense.

Stephen Toulouse - Microsoft
Yeah, well, he retired, he retired, he’s gone. So, I want to talk a little bit about why we really wanted to help put this together. Most of you actually probably don’t know me as Stephen Toulouse, you probably know me as Stepto, which is what everybody calls me, it’s my email name at Microsoft, stepto@microsoft.com and my blog is stepto.com. I actually began — I’ve been with Microsoft since April of 1994 and I started off supporting Windows 3.1 and DOS 5.0, which I am proud to say had no remotely exploitable hole in the default install.

Speaker
Have you gone through that?

Stephen Toulouse - Microsoft
Had no network stack, but yeah, that it will, so we’ve come a long way since then. One of the things that Microsoft has done over the past couple of years, thanks to people like Scoble and thanks to a lot of the people that work at Microsoft and do blogging is we’ve embraced the blogging culture. So, last year we held a little lunch in, got some people together, it was just a dozen people, it was a lot fun, so when we heard the idea to do it again and do something a little bit bigger, a little bit fancier and invite more people, we jumped at the chance. I’m so glad, I mean seriously I’m so happy there are so many people here, there’s going to be so many great conversations. We’re just happy to be here, and happy to sponsor. I wish more of us were here, but planning for the next version of Windows is currently going on in Webinn (ph), so there is a lot of…

Speaker
Next after Vista?

Stephen Toulouse - Microsoft
Next after Vista, so there’s a lot of split. So, as I said diverse a few minutes ago, I know it sounds a little bit crazy to say for a company that has $34 billion in the bank, but it’s a resource issue, so we don’t have everybody down here, but I’m here, happy to be here, and happy to be with Fortinet in sponsoring this. So, thank you very much for coming, we don’t want to spend a lot of time in (Voice Overlap), so you guys have great conversations and Richard, what did you want to say?

Richard Stiennon - Fortinet
Cool, so I don’t have a lot of time to talk.

Stephen Toulouse - Microsoft
You’ve got as much as you want, you’re sponsoring.

Richard Stiennon - Fortinet
(Inaudible) Technorati ranking, somewhere way north of 12,000. I think that it is being a little site a Technorati blog ranking is kind of interesting when we all get together and meet, but what’s really, really, really interesting is that we are changing how people access information, because we all are in our own right experts or we all are in our own right good communicators and we know that because people are coming to our blogs, we’re all reading each others blogs, and doing the back and forth thing. This is new, we all know that, this is, in the security world for certain, this is the way that the end users are going to learn new stuff, we highlight things that just don’t get into the press, the press just doesn’t focus the same way that we do.

I’m super, super excited about what the blogging community does, so of course, when the opportunity came up, the timing was just right, I could say, Hey Rich, we’ll sponsor that, we’ll get there, that’s very cool.” As everybody talks to me this evening, I need a little help, I’ve got a bloggers dilemma, I’ve lost my bloggers voice, as you may have noticed, I can’t post anymore. Last week, for example, so TJX gets totally whacked by hackers, steals 40 million credit cards, I can’t find anything to say about it, because I have to check with our VP of North American sales to see if we’re doing a deal with TJX. That just stops you dead in your tracks, I could no longer be the (Inaudible) bloggers.

Speaker
Talk about that.

Richard Stiennon - Fortinet
Yeah, there was (Inaudible), so what do I do. I personally want to settle on a travel log because I travel a lot. So, I’m going to blog about shady hotels, and how they don’t have enough power plugs and stuff like that. Anyway, any other ideas, please let me know, and just thanks for everybody contributing to the community that we are, here it goes.

Martin McKeay - Network Security Podcast
Rich Mogull said he had a couple of (Voice Overlap) to say.

Stephen Toulouse - Microsoft
Yeah, Rich you want to say something?

Martin McKeay - Network Security Podcast
He’s the originator of this whole problem.

Richard Mogull - Gartner
You guys are joking, but — never mind, I’ll save that for when the camera’s not on. I want to thank everybody for coming, I got to be honest this went far beyond my expectations, I thought there would be a dozen guys, sitting in a room, paying for our own drinks…

Martin McKeay - Network Security Podcast
You’re paying for ours actually.

Richard Mogull - Gartner
Yeah, I though I was going to buy a round or two and that was going to be the end of it. When I started blogging as an experiment, it was, let’s just see what this is about, let’s see what’s going on out there in the community and it was mind boggling how valuable it was. The ability to have a — so let’s look who’s in the room? We have Brian from the Washington Post, reporter from a major newspaper here. We have representatives from all parts of the vendor community. We have representatives from the analyst side and we have end users everywhere. There is no place else in the world where we can all have a dialogue on a common issue, and at the same time, people read this stuff. If you were at the opening session for — I don’t normally go to the keynotes because come on, who needs to see Bill speak again. Hey now, that’s the truth really.

One of the things that Ze Frank said was, he called us the defenders of the renaissance. When you want to see the thought leadership, there’s two sides, there’s the back room, development being done, the really smart guys. When you want to see the people who are influencing, — I think that is us, but people who are influencing the community. If you look at where security came from and where security is going, I don’t care what Art (ph) says, security is not going away in two to three years, not going to be all embedded into the infrastructure.

There is a new wave of security thought readers that are building in this industry. There’s the old wave, first and then — so I love the dialogue, it’s incredible that we can all talk in an open environment, especially guys like Allan and Richard now, talking about analyst side versus vendors versus end users, all of this, (Voice Overlap). So, I’ve talked too long, thank you all for coming, I know there is more people coming on the way, let’s go drink more, and make fun of each other.

Michael Johnson - PodTech
We’re here with Bruce Schneier. Bruce, tell me a little bit about what you do?

Bruce Schneier - Schneir.com
Oh God, I am a Security Technologist, I write, I speak, I work for BT Counterpane, and I piss of the government, I do a lot of things.

Michael Johnson - PodTech
What have you been excited about over the last year or so, and what’s been some of the more interesting things that you have documented in some of your studies and some of your blogs?

Bruce Schneier - Schneir.com
Well, what I wrote about — writing about now, what I posted this week, and what I talked about here at the RSA Conference is the psychology of security, how we perceive security. Security is both a feeling and a reality, and they’re different. You can feel secure and not be secure and you can be secure and not feel secure, and there’s a lot to learn in that difference, why it happens, what about the human brain makes us get security wrong? I’ve been reading a lot of psychology, a lot of human brain physiology, a lot of — there are studies about risk, there’s a whole lot of research being done in the psychology community, that we’ve never seen here in the security community, but I think is directly relevant to what we’re doing.

Michael Johnson - PodTech
That sounds fascinating, I think it is a concept of security that people are thinking about more these days, because certainly in the United States and in other places as well, this idea of what our security is, is certainly being called into question.

Bruce Schneier - Schneir.com
Right, and there’s a lot of crap security, I call it security theater (ph), security that doesn’t do anything good, but just makes you feel better, and that’s security that doesn’t target to the reality, but targets to the feeling. There are times, they’re not common, but there are times when that kind of thing is useful. There are times when it’s really bad, and how do you know the difference. I think there’s a lot of stuff there.

Michael Johnson - PodTech
What times would you say we’re in now; say the perspective of obviously the United States and Homeland Security, that’s a big name right now, but it seems to sort of be talking more to that feeling part that you’re addressing?

Bruce Schneier - Schneir.com
We’re definitely in the stupid security season, what happened in Boston last week is an example, that happens every time you get on an airplane, security is really stupid right now.

Michael Johnson - PodTech
If folks wanted to check out your blog and see some of the stuff that you’re writing about, where can they go?

Bruce Schneier - Schneir.com
Schneir.com, actually I think if you just type security blog into Google, I pop up as the first name, but its www.schneir.com, easy to find.

Michael Johnson - PodTech
Bruce Schneier, thanks a lot.

Bruce Schneier - Schneir.com
Hey, thanks for having me.

Michael Johnson - PodTech
We’re here with Lori MacVittie who is the blogger for F5 Networks, and welcome to the party Lori.

Lori MacVittie - F5 Networks
Thanks, it’s very exciting thus far.

Michael Johnson - PodTech
Well, it’s a really interesting group of security bloggers, we’re on the occasion of the RSA 2007 Conference in San Francisco, tell me a little bit about what you blog about for F5?

Lori MacVittie - F5 Networks
I blog about a number of things, security and otherwise, but generally just trying to apply all sorts of new technology to use in our products and how they can be used and extended and just trying to be innovative and then also commenting on what other people have to say about anything related to SOA, AJAX Security, those kind of topics.

Michael Johnson - PodTech
What excites you about this, what are the things that you find really interesting in this security portion of the blogosphere?

Lori MacVittie - F5 Networks
Well, I think that emerging technology, security is very exciting because it’s new and it’s different and we have to come up with innovative ways to solve that, something that we at F5 take very seriously, but also just some of the social issues. We were just having a conversation about teenagers and security and social networking, and it’s a very interesting problem that we have to solve because it’s not necessarily a technological problem but a people problem. So, it’s something different that we have to solve, so it’s a challenge, I like that.

Michael Johnson - PodTech
We were speaking with Brice Schneier a little bit early about the sort of the concept of security and how we have a lot of solutions around, and now it’s a question of getting those things implemented, are you seeing that implementation happening now slowly but surely, or is it something that’s going to take a while do you think for the concept to sort of follow the implementation of these things?

Lori MacVittie - F5 Networks
I think as usual, unfortunately security comes last. People wait until there is a problem to actually solve it. You don’t change locks on your doors until someone breaks in. I wish that we could change that view so that people thought of it upfront, but I still think it’s a after the issue problem.

Michael Johnson - PodTech
If folks want to check out your blog, where could they go?

Lori MacVittie - F5 Networks
You can go to devcentral.f5.com/macvittie

Michael Johnson - PodTech
Alright, Lori MacVittie of F5 Networks, thanks for being with us here, enjoy the party.

Lori MacVittie - F5 Networks
Thank you.

Michael Johnson - PodTech
Tell me your name?

Eric Green - Larstanpodcasting.com
I am Eric Green.

Michael Johnson - PodTech
Eric, what do you blog about or Podcast about?

Eric Green - Larstandpodcasting.com
We’re across a lot of different spaces, I mean personally I’m our security guy, so we do a lot of stuff on Information Warfare, Information Operations and a couple of other security Podcasts. Company wise, we do — we cut across personal finance supply chain technology and cross technology, we do a lot of federal government stuff as well.

Michael Johnson - PodTech
What kind of interesting stuff have you come across in the last number of months?

Eric Green - Larstandpodcasting.com
The last number of months have been interesting on the IO space for me. So, if you look at Info Operations and Info Warfare, the critical infrastructure side of being sort of finance and telecommunications on the security side has seen a lot of people — like a resurgence of people wanting to talk about IT security, everything all the way up to SIOPs, it’s the psychological warfare and the like. So, it’s fun being back at RSA to see what people are saying on the floor about things like that.

Michael Johnson - PodTech
So, tell me your names.

Ron Gula - blog.tenablesecurity.com
I’m Ron Gula.

Michael Johnson - PodTech
What’s your blog?

Ron Gula - blog.tenablesecurity.com
I’m blog.tenablesecurity.com.

Michael Johnson - PodTech
And you?

Ryan Singel - 27bstroke6
I’m Ryan Single, my blog is 27bstroke6, which is blog.wired.com/27bstroke6.

Brian Krebs - Washington Post
I’m Brian Krebs of the Washingtonpost.com and I blog on Security Fix.

Michael Johnson - PodTech
So, what have you — I saw you three talking in a circle, what have you been really excited about, or what have you been putting in your blogs lately, is there been any dialogue between all of you other than here in person or is it been happening on the blogosphere?

Ron Gula - blog.tenablesecurity.com
Well, right now, one of the good things about getting together is, you have a lot of different disciplines. These two are from the media side of the house, I’m a vendor, so we were just kind of talking about different things that we can blog about, we all blog about dramatically different things.

Michael Johnson - PodTech
What’s your favorite topic?

Ron Gula - blog.tenablesecurity.com
I like to talk about computer security, vulnerabilities, intrusion detection, that kind of thing.

Michael Johnson - PodTech
What do you like to blog about?

Ryan Singel - 27bstroke6
You should jump to Brian on that one, because you guys do kind of similar things.

Brian Krebs - Washington Post
I mean basically for me this is great because I’m getting to meet a lot of the people whose blogs I read everyday and put a name with the face.

Ryan Singel - 27bstroke6
So, I do a little bit of the higher level kind of things. We cover government databases, privacy, kind of higher level security, so a lot of these folks know a lot more than I do at the — sort of nitty-gritty, kernel level kind of stuff, whereas we’re kind of higher level, a little bit more snarky.

Michael Johnson - PodTech
Now, one of the things I’ve been hearing here at the conference as well as in this group is that the thinking about security, has to really be the thing that has to change for a lot of people, not so much we have the technologies, we have a lot of solutions at the show. At RSA, we certainly see hundreds of solutions that are offered up, but the thinking about security has to change, what do you think about that?

Ron Gula - blog.tenablesecurity.com
Well, everything is related. Long time ago, if you were the firewall guy, you just had to worry about the firewall, or the virus guy just had to worry about making sure the viruses were update. Nowadays, everybody realize everything is linked, the operating system, the router, the policy, everything is together, and you’re probably seeing vendors start to offer solutions along those lines and consultants talk along those lines and people blog about that kind of stuff, so I’m happy to se that kind of change.

Ryan Singel - 27bstroke6
Oh, it’s kind of interesting to hear a lot of people getting sort of some of the old time religion, which is about securing the data not about securing the firewall or securing the perimeter. I’m still waiting for the sort of the big change, where security becomes easy and the Internet becomes safe and it’s not here yet.

Michael Johnson - PodTech
How long do you think it’s going to take?

Ryan Singel - 27bstroke6
Forever.

Brian Krebs - Washington Post
I write generally for a much wider audience, so I don’t tend to write much about technology solutions and things like that. Basically, I’m writing for people, the everyday Joe, average Internet user, and so I think that’s a constant education effort because it’s real easy to I think over estimate people’s grasp of technology and security issues, and that’s a dangerous thing.

Michael Johnson - PodTech
Do you think information is getting out from the blogosphere to the general public, where people read it, or does the pubic need to know more about what goes into security or do you think it actually has to stay at the enterprise level and got to go down from there?

Brian Krebs - Washington Post
I’d like to see more mainstream publications covering this important issue. I happen to think that most of the people who really need to know most about what it is they need to do, to stay secure online, don’t read blogs, I mean they’re still reading mainstream publications.

Ryan Singel - 27bstroke6
I think the mainstream folks that really need to know what they do should go to his blog, because I pick things up from you, he’s one of the best at sort of translating — like he understands the high level stuff, but translates it into what does this means for you, how do I get Flash 8 off my system, when you didn’t even know you had it on there.

Brian Krebs - Washington Post
It is always Flash 8, why do I need it?

Ron Gula - blog.tenablesecurity.com
Yeah, I mean the biggest failure of the vendor so far is all the solutions we offer are extremely technical, the average person doesn’t know, should I click this, should I not click that, am I going to be safe, am I going to lose my credit card data, it’s very difficult, so, things are getting better, we just have a long way to go.

Michael Johnson - PodTech
Alright, well, thanks for speaking with us and enjoy the party.

Michelle McLean - ConSentry Networks
Hi, I’m Michelle McLean with ConSentry Networks

Michael Johnson - PodTech
What do you do at ConSentry, Michelle?

Michelle McLean - ConSentry Networks
I’m actually in charge of Product Marketing.

Michael Johnson - PodTech
And you blog?

Michelle McLean - ConSentry Networks
I do, we’ve just recently launched the En Garde blog and there are several of us posting to it by commenting on security, how security is being perceived, what we’re seeing in the customer business that we have, and just how the market is evolving around how to secure what happens on the LAN, inside the enterprise.

Michael Johnson - PodTech
What’s the importance of the blog to ConSentry Networks?

Michelle McLean - ConSentry Networks
It’s multidimensional, there is the notion that for your customers, you’re trying to give them a little bit of an inside view into what’s going on, helping them understand their peers. There is definitely this notion of an industry level dialogue, where you know that press and analysts and other bloggers are reading some of your thoughts and it fosters the dialogue, it’s definitely a level of discussion that’s more fast moving and a little bit more straightforward than what you can see in the press necessarily, that’s just the nature of the flexibility of the medium. You can be very quick to get a whole dialogue going and in two days worth of comments you’ve moved the whole goal line forward around what the industry’s thinking about the topic, it’s really dynamic.

Michael Johnson - PodTech
Do you think it really helps the industry?

Michelle McLean - ConSentry Networks
I think it does, because I think you end up shaping how people talk about the problems, the solutions, how they’re trying to cope with certain issues in the enterprise. I used to be a journalist and an analyst actually for nine years, and it’s really nice to be back in that thought leadership domain that a blog can give you, it’s a lot of fun, and I do think it benefits both the consumers of technology as well as those who are charged with thinking about and writing about the industry.

Michael Johnson - PodTech
Michelle McLean of ConSentry Networks, thanks for talking with us.

Michelle McLean - ConSentry Networks
Thank you so much, it’s good to see you.

Richard Mogull - Gartner
Richard Mogull, and I’m an analyst with Gartner and mostly contribute to the Gartner blogs.

Michael Johnson - PodTech
Obviously you’re doing something about security, right?

Richard Mogull - Gartner
Yeah, exactly, I’m on the information, security and risk team over there, so that’s — well, it’s pretty much what I’ve been doing since I was 16.

Michael Johnson - PodTech
Since you were 16?

Richard Mogull - Gartner
Believe it or not, I started in physical security back when I was in high school and eventually got into — it was at PC tech job, and eventually that led to my information security career.

Michael Johnson - PodTech
What has been the most interesting thing for you or what area do you focus on a particular, and what over the last few years has been some of the top one or two security issues?

Richard Mogull - Gartner
Well, it has been really fascinating actually, I’ve been covering data security for about five, maybe six years now, and back then it was something nobody would pay attention to, the research wasn’t read very frequently, not a lot of conversations about it. Last year, data security has exploded, protecting people’s private information, protecting corporation’s intellectual property, incredible amount — vendors all over the place addressing it, we couldn’t go to a keynote without a mention of data security. So, I think it has been just fascinating to watch it over this five year period, as this has finally developed and has finally started to hit the mainstream.

Michael Johnson - PodTech
What do you think changed, what was it that sort of pushed it over the edge?

Richard Mogull - Gartner
Oh, to be honest, it’s because of couple of factors. One is we actually start putting things back up on the Internet and making them potentially available that people had monetary value. There were no safe crackers except for 14 year teenage boys until people put money in the safes, then the bad guys figured it out. We put those things up there, the bad guys had a little bit of time to realize not only what was there, but learn the techniques to get at it. So, now all of a sudden, information security, we’ve always called it information security, it was network security, now we’re getting back to the information, we’re getting back to the data, we’re protecting private information, we’re protecting our intellectual property.

Michael Johnson - PodTech
So, has the mindset caught up, because it’s the scene that I’m hearing at RSA, I’m hearing it tonight, has the mindset of the enterprise community that deals with that data, whether it’s data in flight or data at rest, and even some of the marginal network, firms that are out there, large storage firms that are out there, have they really caught up with the idea about what security is?

Richard Mogull - Gartner
I think we have a lot of work to do there. We know there is a problem. Now, a lot of it right now is mostly compliance driven, so people are implementing data security as much for compliance as anything else, and a lot of part of it is we don’t really know how big or how bad the problem is. Over the next few years, we’re really going to start raising that awareness, we’re going to start understanding how to build security as opposed to just layering it on, and we will get back to the concept that it’s about protecting the data, and it’s about protecting our sensitive information. So, we got a little ways to go, it’s not quite there yet.

Michael Johnson - PodTech
Thanks for talking with us, enjoy the party.

Richard Mogull - Gartner
Thank you very much, this is great.

Michael Johnson - PodTech
So, that wraps it up for our blogger evening, security bloggers from all over the country, all over the Web, all of the blogosphere, coming together here in San Francisco at the Foreign Cinema restaurant as part of the RSA 2007 Security Conference in San Francisco, I’m Michael Johnson, well see you next time.

Copyright ©2006 PodTech.net. All rights reserved. Privacy policy

Tags: RSA 2007, security bloggers, Foreign Cinema, network security, Martin McKeay, Shift, Kristalle Ward, Fortinet

Tags: Jay Adelson, Kevin Rose

Check out more images from The Mighty on Flickr

Tags: Digg, Kevin Rose, Revision3, iTunes, Odeo, Bittorrent, Diggnation, Alex Albrecht

Tags: Torpark, Hactivismo

Tags: hackers, phishers, Lauren Weinstein, People for Internet Responsibility

Tags: Carol Wilson, hackers, David Flynn, Richard Clarke, Doug Torre

John M. Jack brings over 20 years of sales, marketing, and executive management experience to Fortify Software. He has held CEO and executive positions at Covalent, Shaman Corporation, The Vantive Corporation, and Sybase, Inc. As Vantive’s COO, he led the company’s expansion from early revenues through IPO and successful acquisition by PeopleSoft. Earlier, at Sybase, he helped build the company’s sales organizations and, as part of the original management team, was integral to the company’s rapid growth to over $1B in yearly revenue.