Friday, December 21, 2012

IT Style (Gangnam Style Parody)

In case you missed F5's latest video, you can check it out right off our home page, F5.com.
IT Style honors the heroes which make the connected world run better. Watch it. Like it. Share it. Wear it. Sweepstakes: Enter for a chance to win a Cloud Ninja t-shirt like the one featured in the video. www.f5.com/cloud-ninja-tshirt
Enjoy and Happy Holiday's from F5!
ps
Related:
Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_facebook[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]

Monday, December 17, 2012

Blog Roll 2012

It’s that time of year when we gift and re-gift, just like this text.  And the perfect opportunity to re-post, re-purpose and re-use all my 2012 blog entries.  If you missed any of the approximately 130 blogs including 73 videos, here they are wrapped in one simple entry.  I read somewhere that lists in blogs are good.

Have a Safe and Happy New Year.

ps

Related

Blog Roll 2011

Technorati Tags: blog, social media, 2012, f5, statistics, big-ip, security, silva, mobile device, analytics, video

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_facebook[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]

Wednesday, December 12, 2012

The Top 10, Top 10 2013 Predictions

Like last year, everyone has their Technology predictions with their annual lists for the coming year.  Instead of coming up with my own, I figured I’d simply regurgitate what many others are expecting to happen.

Cloud computing in 2013: Two warnings: @DavidLinthicum has his two tragic cloud computing predictions for 2013 (price wars & skills shortage).  Nice to see some realism mixed with all the 'this is the greatest.'

10 Cloud Predictions for 2013: CIO has an interesting slide show covering things like Hybrid Cloud, Management, Brokers, SDN, Outages and a few other critical components.

RSA's Art Coviello: 8 Computer Security Predictions For 2013: Attacks grow, Hackers grow, business's not prepared grows along with investment, analysis and intelligence to mitigate threats.

Security Predictions 2013-2014: Emerging Trends in IT and Security: SANS gets some input from various industry folks on what they think.  Areas like authentication, mobile devices, Windows 8, geo-forensics, gamification and others are highlighted

Top 6 security predictions for 2013: InformationWeek India lists FortiGuard Labs predictions covering APT, two factor auth, M2M exploits. mobile malware, and botnets.

Tech Guru Mark Anderson's Top 10 Predictions For 2013: Forbes' list is cool since it goes beyond just security, cloud and IT.  Yes, mobile and hacktivism are covered but also Driverless Cars, eBooks, Net TVs and the LTE vs. Fiber battle.

Top predictions, about IT predictions, for 2013: Of course I love the title and this article digs into the question of  'is any real insight uncovered' with these predictions?.

Forrester: Networking predictions for 2013: ComputerWeekly shares 4 of Forrester's report on eight critical predictions for 2013.  SDN, WLAN, Strategic sourcing and staffing make the list.

7 Predictions for Cloud Computing in 2013 That Make Perfect Sense: Back to Forbes again, this time specific to cloud.  Private clouds, personal clouds, community clouds, cloud brokers, and even a prediction that the term 'cloud' starts to fade.

2013 Astrology Predictions: Gotta have a little fun and give you something to look forward to based on your astrological sign.  That is, of course, if we make it past Dec 21.

Certainly not even close to an exhaustive list of all the various 2013 predictions but a good swath of what some experts believe is coming.

OK, and here are just a few of my own:

BYOD Matures - instead of managing entire device, only those corporate apps and data will be in control.  Mobile Security and BYOD come together.  Also, things like cars and TVs that have internet connections will get added to the BYOD realm.  Why couldn't a road warrior access his VDI from the car's NAV screen?  Why couldn't someone check their email between commercials.  Anything with an IP and screen is game.

Major Mobile Malware - we've seen some here and there but think there will be a big jump in attempts to get at device's info...especially as more BYOD gets deployed.

Cloud Classification (Pub/Pri/Hy) - lines become even more blurry as they all are used to create Hybrid Infrastructures.  No one cloud will take over but will be a part of the entire infrastructure which includes in-house, cloud, leased raised floor, and just about any place that data can live.  There might also be some movement on Cloud Standards.

More Breaches/DoS/Hacktivism - if 2012 is any indication, this will continue.

Hacker Defection - I think there will be more ex-malicious hackers going mainstream and joining legit companies - and they will expose some of the tricks of the trade.

ps

Resources

The Top 10, Top Predictions for 2012 

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_facebook[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]

Tuesday, December 4, 2012

Security’s FUD Factor

Had a short but interesting twitter exchange with @securityincite @Gillis57 and @essobi(Mike Rothman, Gillis Jones and not sure (sorry!!) respectively) about using Fear, Uncertainty and Doubt when talking IT security services.  @Gillis57 initially asked, ‘Question: We discuss FUD constantly (and I agree that it's too prominent) But isn't security inherently built upon fear?’  I sent an ‘09 Rothman article (@securityincite said it was ‘old school’ but still has some great comments) about that very topic.  Soon, @essobi chimed in with, ‘Our foundation shouldn't be fear, it should be education. :D,’  @Gillis57 responded, ‘So, look. I agree wholeheartedly, but why do people need to be educated?’  @essobi answered, ‘imo? Bad programming/exploitable logic processes. we need to raise the bar or lower expectations.’  @Gillis57 added, ‘I really don't think we need to keep selling fear, but denying that we are a fear based industry isn't helping.’  @securityincite wizdom’d with, ‘Fear is a tactic like anything else. Depends in situation, context, catalyst. And use sparingly.’  And I conceded that, ‘splitting hairs but I try to talk about risk rather than fear -  what's the risk if...which often generates fear.’

Most of the time when we talk about security there is a fear factor because we are talking about risk.  Risk is the potential for something Bad happening and typically those things scare or make us uncomfortable.  Often when vendors talk about things like protection, benefits, etc, it’s measured in terms of numbers, stats, performance…metrics. 

Security is also about Peace of Mind; a feeling that you have.  Those military people who can get some good sleep even with bullets flying over their heads have peace of mind.  Even in a very high risk, dangerous, vulnerable and insecure environment, they feel secure.

I saw an article about the difference between selling insurance and the lottery – Fear vs. Dreams.  Maybe we should discuss IT Security in terms of how it has made an IT guy’s life better?  I think it would be cool if ‘security’ case studies included a side bar or something with a quote that brags, ‘Now that we have this solution installed, I’m able to attend my daughter’s piano recitals.’  ‘I’m able to get a good night’s sleep knowing that our web site is ok/won’t get paged at 3AM/won’t have to work for 16hrs.’  Adding to the quality of life over and above the usual ROI/TCO/performance/$$.

How it may have enhanced life.

How it gave peace of mind.

How it Reduced Stress.

How it allowed someone to be home for dinner.

How it allowed someone to enjoy the weekend, do that Science Fair thing with the kid, take a longer vacation…

It might be cool for the industry (and the general public) to read how another’s life improved when security is deployed along with all the breaches and headaches.  Ultimately, that’s what we are all chasing as humans anyway – that harmony, balance, peace of mind, quality of life, family, love…the cores of our being rather than what we do for a job – even though our work does have a lot to do with quality of life.  I also think that education is part of our duty.  Not in the ‘Knights of the Roundtable’ duty but if someone needs our security expertise and is willing to learn, sharing (and ultimately, awareness) is important to ensure a more informed public.  That is simply being a good internet citizen.  And yes, fear does have it’s place especially when someone is not getting it or ignoring that others are at risk.

We frequently talk in terms of rational thinking ($$/performance) when security is quite often about an emotional feeling.  That’s why some often use FUD to sell security: Fear: emotional, Uncertainly: more emotional than rational, Doubt: gut feeling with little data.  But instead of tapping those negative emotions, we should shoot for the Feel Good emotions that provide safety and security.  The Dream.

-eh, just an idea.  And many Mahalos to @securityincite @Gillis57 and @essobi for a blog idea.

ps

References

Technorati Tags: F5, smartphone, insiders, byod, Pete Silva, security, business, education, technology, fud, threat,human behavior, kiosk, malware, fear, web,internet, twitter

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_facebook[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]