Reports as Instructions

By Rob Enderle  |  Posted 2004-04-12 Print this article Print

I read the NPR transcript shortly after going through the mother of all security checkpoints in Denver. I was thinking that while all of the money being spent to scan my tennis shoes was simply to make me feel safer, there is no doubt in my mind that the best protection is still likely the air marshals, the locked, armored door protecting the pilots and the armed pilots themselves. Much of the rest of the stuff is simply a dream come true for the firms that make the related equipment and provide the services to run it. The airlines may be going broke, but the airport security industry is doing extremely well.
It doesnt matter which platform you are on, you are probably being killed by patches, and each new security system or practice you put in place slows down your companys performance and, much like in the airline industry, makes it harder and harder to compete.
You live under the hope that its the same for everyone else. But as certainly as new airlines such as Jet Blue take out near monopolies such as American Airlines, you, too, may learn that the escalating security technology benefits younger, smaller companies that can more easily adopt to the changing—and largely artificial—environment. It is particularly galling when you realize that a virus generally results from a security firms report that an exploit exists. Some of these reports contain enough detail to, in effect, provide instructions for the virus writer. Some of these companies may be actively increasing our risk so that we become addicted to their offerings. There is a widely held belief, which I certainly hope isnt true, that some of the firms may actually be writing some of these viruses. Once you start to believe that parts of the industry may be corrupt, it isnt very hard at all to take that last step. Even if you think this a huge pain for your IT department, think of the poor software vendor. A security company, after substantial work, finds an exploit, and it may tell the vendor candidly or tell the world publicly. Even if it is candid, it will argue, "If I can find it, so could someone else." Were I the vendor, Id suspect that the security company would leak its discovery either accidentally or to prove the point. If the vendor patches too often, it will lose its customers; if it guesses wrong and doesnt patch in time, the security firm will point out that the vendor "knew" of the exploit and didnt act quickly, and the vendor will lose customers. Even if vendors patch in a timely manner, some customers (on the desktop, often "some" is a really big number) wont apply the patch quickly, and theyll lose some customers. Next Page: Invest in a strong chief security officer with enough resources to fully assess the risks.

Rob Enderle Rob Enderle Enderle Group 389 Photinia Lane San Jose, CA 95127

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel