I think Warren Zevon song “Send lawyers, guns, and money” was a metaphor about the condition of fighting security vulnerabilities within corporate America. Many operating systems threats originate from the former Soviet Union, Europe, Middle East, and Africa where the long arms of the law can not prosecute. It’s a huge financial gamble today for corporations not to take very aggressive actions against these vulnerabilities. Check out these stats - - It’s not difficult to explain why fighting normal security threats isn’t enough anymore;
- Number of active Phishing sites nearly 3k, new Axis-of-evil hosting sites Canada, Korea, US.
- Identity theft fraud losses est. $53 billion annually, 10mm individuals affected and companies experience cost averages internal 2-3mm verse 57k external per incident.
- Personal Liability of Identity Theft; between $5k and $10k.
- Credit Card fraud 10mm annually / 160,000 incidences / 45mm compromises.
- 2+Billion spent on security consultants, and rising by 15% annually.
Which brings me to another point; my personal carbon based security system is called Kasie. A 65lb yellow Labrador retriever who generates many false positives (i.e. continuous barking), articulated in painful detail by my neighbors. She is frequently disabled by the “Red-Collar” that contains a special electronic device that administers a small shock when barking occurs. I’m sure both neighbors and criminals love it!
Security technology can also cause the same effect generating excessive Security Information and Event Monitoring (SIEM) without context of usage. Too many false positives and you just want to shut it down, resulting in letting the criminals in. The delicate balance is driven by the law of; stopping the bad guys is good, stopping the good guys is extremely bad. Making sense of all this data and developing a proactive response plan is the first step in taking an active offensive position.
The good news from my perspective is that the space is getting a tremendous amount of attention, and many Emerging Business startups are presenting very creative solutions covering hot spots fitting perfectly into corporate strategies. In case you haven’t read my bio yet, I joined the Microsoft Emerging Business Team July 2005 managing the Security Portfolio. The Microsoft Emerging Business Team (EBT) works with venture capitalists (VCs) and Independent Software Startups (ISVs) start-up companies worldwide to enable innovation and accelerate the software ecosystem. The Microsoft EBT mission is to identify and facilitate opportunity for start-ups and VCs, acting as the single point of contact and accountability to Microsoft. I have roughly 250 Security companies (70% Microsoft based) growing by est. 25 per month and constantly scanning the portfolio for disruptive players for trend setting technologies.
In the near future I will post trends, links, hot spots and feature companies that I find very interesting - - and of course if you have something you’d like me to check out please don’t hesitate to reply, or e-mail me on the topic.