John Pescatore

I imagine that even in cave-people days there were some cave-people who sold stuff to other cave-people. (I have an 18 year-old daughter and just can’t bring myself to say “cave men” anymore, but boy does it sound better) Once they sold some stuff they realized they need to sell more stuff, and if the [...]

[Read more →]

Back in 2003 or so we started to have Gartner clients report targeted denial of service attacks. Back then it wasn’t uncommon for businesses that were highly dependent on Internet connectivity for revenue to get attacked as part of an extortion attempt – and it was also common for them to feel it was cheaper [...]

[Read more →]

Talking about worms seems sooo 2001, but they’re baaack!! In October 2008, Gartner put out a First Take warning about the severity of the Microsoft vulnerabilities in Windows Server services and the importance of rapidly pushing out the MS08-67 patch. The current wave of Conficker/Downadup compromised PCs illustrates what we were worried about. There were [...]

[Read more →]

Centralized control – mainframes or virtualization – won’t win today’s wars, IT or real-world.

[Read more →]

Cloud computing continues to proceed on its merry way through the Gartner hype cycle. As part of its trip towards the trough of disillusionment, clever hacks are coming out on how to make the cloud do bad things. Brett O’Connor has posted some simple directions on how to set up Bit Torrent services on Amazon’s [...]

[Read more →]

The brand new Secretary of the Department of Homeland Security, Janet Napolitano, issued a number of executive orders on her first day at work. Of interest to information security are directives to have DHS departments provide oral reports by January 28th on status of critical infrastructure protection, risk analysis, and state and local intelligence sharing efforts. 
It [...]

[Read more →]

I’m based in the Washington DC area so we’ve been in an Inauguration fog for weeks. But it is all over and now time to return to our regularly scheduled programming.
It is pretty clear that the financial meltdowns, and subsequent government bailouts of private firms, along with the change of administration in the US will [...]

[Read more →]

Change is the enemy of security – but only when security was working.

[Read more →]

Human progress is neither automatic nor inevitable… Every step toward the goal of justice requires sacrifice, suffering, and struggle; the tireless exertions and passionate concern of dedicated individuals. 
Martin Luther King, Jr. 
It is sort of fitting that on the day we celebrate Martin Luther King’s birthday that on King’s actual birthday (January 15th) the heroic efforts [...]

[Read more →]

TechFlash reported layoffs at Watchguard, and I’m sure we will see more at security vendors – just as we are seeing them at our own companies. In the real world (not the world where with each up-cycle everyone says “the rules have changed”) there are always business cycles and there are always lay-offs. You always [...]

[Read more →]