Security's Everyman

Security's Everyman

Thursday, December 13, 2007

Christmas List, End of Year Wrap-up, Predictions for 2008

My Christmas List
I've noticed that the older I get the more content I am with what I have. My Christmas list isn't very long and most of the items are things that I don't need and they are too expensive to ask friends or extended family to get for me. Here it is in order of preference:

  1. 2009 Dodge Challenger (I can't wait until these things hit the street)
  2. 1967 Chevy Camaro SS Convertible (call for specifics)
  3. 2008 Harley Davidson Fat Bob Motorcycle (Not the Fat Boy the Fat Bob)
  4. 17" Apple Mac Book Pro with 4 gig of Ram and 250 gig Hard drive (just because)
  5. 160 Gig Apple IPOD (my 4 gig nano still has space on it)
  6. Magellan Maestro 4210 Portable GPS (not sure what I'll do w/ it but I want it)

Now for my thoughts on 2007 and what happened in IT and Security.
It was a big year for me in terms of my career. Early in January I was notified by ISC2 that I passed the CISSP exam and was now officially certified. Also, I had been wanting to move my career from a "in the trenches" roll to more of a strategic planning roll and it kind of snuck up on me. I was laid off in May and found a Network Security job that quickly became one where I was asked to create an official security plan and lay the ground work for the overall program. So I've touched very little technology in the last 7 months and have become good friends with policy, procedures and compliance. It's been fun although I'm itching to get some 1's and 0's under my fingernails again. :)

There were lots and lots of big stories mostly dealing with data loss, theft or breaches. It seems that every week there was something new happening that gave us reason to hold tighter to our wallets to ensure that our bank accounts weren't emptied or our Identity wasn't stolen.

In my humble opinion one of the best things to happen in 2007 is the Security Catalyst Community. Why? Because there is a quiet storm brewing there. Most people who are in the community only see the surface of what is happening. There are people in the community who are serious and passionate about security and they are actively working to make some changes. There are some people in there who stop and think and make others think. I think that in the near future this group of people are going to make significant strides towards making a difference.

What will next year bring?
I really don't know. I'm not an analyst who looks at trends and acquisitions and such and comes up with predictions. I know that there will be good bad things with regards to security. I know that companies will introduce new products and technologies that will make great strides towards making us more secure and then the bad guys will figure out ways to get around them. People will continue to make bad choices in regards to their online habits and cause problems for themselves and others.

What does this mean? It means that we have to continue to be on our toes, we have to work together to protect the internet, we have to continue to think about what we do, why we do it that way and is there a better way. I think 2008 will bring lots of new ideas on how to do things better. They may not (probably won't be) technology focused. They will be people focused and conceptually focused. More people will question why instead of just following the crowd. This may not be good news for vendors because we will discover that we don't need new products to do things that we really don't need done.

Creative Commons License
This work is licensed under a Creative Commons Attribution-NC-SA 3.0.