http://www.bloginfosec.com/2009/04/27/%e2%80%9cinfosec-you%e2%80%99re-doing-a-heck-of-a-job%e2%80%9d/ An Information Security Magazine in a Blog Format Mon, 30 Jan 2012 11:01:25 +0000 hourly 1 http://wordpress.org/?v=3.3.1 http://www.bloginfosec.com/2009/04/27/%e2%80%9cinfosec-you%e2%80%99re-doing-a-heck-of-a-job%e2%80%9d/comment-page-1/#comment-20184 James Anderson Mon, 27 Apr 2009 22:26:06 +0000 http://www.bloginfosec.com/?p=876#comment-20184 Hmmm. Axelrod -- who I think was a recent winner of the Infosec Executive of the Year Award -- believes that the RSA Conference was an example of "...ostentatious celebrations of infosec grandeur that is both pretentious and sad at the same time. Here are the leaders of our field pontificating about the great things of which our profession is capable, while, at the same time, information security is in the worst state that it has ever been." Well, at least he's got pretentious down to a science: blogging about RSA when he didn't attend -- in fact says he has never attended and could not justify a week-long conference... As for pontificating, he takes a great run at that one also: stating that industry better "step up to its responsibilities or else the government will have to step in and take control." Oh, yeah, that's the ticket. A little bit more of "C2 by 92" and we'll all be buttoned up. Shoot, as long as we can nationalize all the big banks, nationalize the automakers, and borrow unlimited funds to do it from the taxpayers, almost anything is possible. So you RSA attendees better suck it up and get things fixed pronto. Or uncle Hugo Chavez will step in and take care of things and it won't be funny... I for one think we need a little less pontification from all sides and recognize one essential truth about information security: INFOSEC IS GETTING ALL THE EMPHASIS THAT CAN BE EXPECTED GIVEN THE LEVEL OF PRIORITY AND SUPPORT IT HAS RECEIVED FROM GOVERNMENT AND ENTERPRISE. The notion that we can fix infosec while at the same time we fix the economy, health care, energy, global warming, Afganistan and Iraq is just absurd. While we have bigger fish to fry right now, infosec professionals will continue to guard the ramparts -- we should not however, expect to win the war tomorrow. Hmmm. Axelrod — who I think was a recent winner of the Infosec Executive of the Year Award — believes that the RSA Conference was an example of “…ostentatious celebrations of infosec grandeur that is both pretentious and sad at the same time. Here are the leaders of our field pontificating about the great things of which our profession is capable, while, at the same time, information security is in the worst state that it has ever been.” Well, at least he’s got pretentious down to a science: blogging about RSA when he didn’t attend — in fact says he has never attended and could not justify a week-long conference… As for pontificating, he takes a great run at that one also: stating that industry better “step up to its responsibilities or else the government will have to step in and take control.” Oh, yeah, that’s the ticket. A little bit more of “C2 by 92″ and we’ll all be buttoned up. Shoot, as long as we can nationalize all the big banks, nationalize the automakers, and borrow unlimited funds to do it from the taxpayers, almost anything is possible. So you RSA attendees better suck it up and get things fixed pronto. Or uncle Hugo Chavez will step in and take care of things and it won’t be funny… I for one think we need a little less pontification from all sides and recognize one essential truth about information security: INFOSEC IS GETTING ALL THE EMPHASIS THAT CAN BE EXPECTED GIVEN THE LEVEL OF PRIORITY AND SUPPORT IT HAS RECEIVED FROM GOVERNMENT AND ENTERPRISE. The notion that we can fix infosec while at the same time we fix the economy, health care, energy, global warming, Afganistan and Iraq is just absurd. While we have bigger fish to fry right now, infosec professionals will continue to guard the ramparts — we should not however, expect to win the war tomorrow.

]]>