Saturday, November 05, 2011

In search of Infosec talk and beer... two of my favorite things!

It's Saturday morning. I'm having coffee and doing my required reading looking for opportunities to have happy hour next week with a few information security folks in the S. Baltimore area. Thought it might be fun to get a small group going to share insights over a beer and wings.

My first stop was LinkedIn. I have to say, I love LinkedIn. I'm a long time user. Don't really care for Facebook or the others but I like LinkedIn.  I thought I might send a note to a few of my contacts who are close enough to not have to go out of their way, but also who might actually have fun sharing information and experiences with others in my network. So I pulled four names from my contacts list. I'm generally pretty good about vetting those with whom I connect with, so those names are rock solid. They're all either CISOs or have been CISOs, but all have mad analysis skills, and frankly, are just plain fun to talk to!

Then I thought it might be fun to expand my search to figure out who might be in local groups that might share similar experience. While I'm not really interested in having a full blown morning conference, it might be fun to at least see who's around that might be fun to chat with another time. What'd I find? I found great stuff -I'm a daily reader of Cyber Aurora. Love it. I also found some not so great stuff. I'm not sure I'd like to out groups -they seem to thrive, but there's just SOOO much crap out there. In groups that would seem like no-kidding groups of smart folks, the marketing hype is knee deep! I remember once seeing someone with their arm over their head. I asked what he was doing. He replied he was saving his watch because the crap was rising fast (he used a different word!). It's what I'm seeing in many of the Infosec groups, and much of the noise we're hearing from vendors, a ton of startups, and seemingly in the news. One news guy I used to know (a CNN guy) used to say "If it bleeds it leads!". APT bleeds. One might also add to that... "If it bleeds it leads, and generates revenue!". I believe most vendors (based on personal experience in hearing the pitches) don't have any experience fighting APT. I'll tell you, I heard one L7 content monitoring and filtering (a data protection company) tell thirty CISOs in a conference room that his product (and his product alone) could stop all APT exfiltration. Hmmm.

So here's the deal. I'm looking for a few folks to pull together a local happy hour meet-up. Heck, I'll buy the first round. Here's what I'd ask.. Be a commercial infosec practitioner (I talk to government people all the time!). Have an opinion! I'd love to hear your thoughts on infosec (especially APT), trends you're seeing, products you use..

Join me? I'm looking at Tuesday 11/15 about 5. Location TBD.. I'm open to suggestions.

Jeff