I am not officially speaking at either conference, but I will be attending DefCon and crashing a few parties at BlackHat.  I look forward to touching base with a few old friends that I only see every year or two.  If you are in Vegas already, call my cell.  Number hasn’t changed in 6 years, otherwise drop me an email.

The following story from the Washington Post attracted my attention.  Full Story

- "The head of a payment processing firm that was infiltrated by
computer hackers, exposing as many as 40 million credit card holders to
possible fraud, told Congress yesterday that his company is "facing
imminent extinction" because of its disclosure of the breach and
industry’s reaction to it.  "As a result of coming
forward, we are being driven out of business," John M. Perry, chief
executive of CardSystems Solutions Inc., told a House Financial
Services Committee subcommittee considering data-protection
legislation. He said that if his firm is forced to shut down, other
financial companies will think twice about disclosing such attacks." -

Are we supposed to feel sorry for this company.  I am happy that the market is imposing costs for failing to provide adequate security.  As I’ve stated in my presentations for about 6 years, the market is moving to a due diligence model.  If you can’t be diligent, then you should not survice.  If a drug company puts out drugs that kill people, the market goes after them.  If your business line involves protecting sensitive information, you better protect it, lest your competitor dance on your grave.  I am glad that Visa is playing hardball on this issue as market factors will be the single greatest influence on improving security in the next decade.

So, it is hard not to be bitter about this given the slimy acquisition of themselves a couple of years ago that led to my stock options going away.  However, that was under the old management regime, so I’ve got to give the new CEO and current employee base kudos for the turn-around.

I was the first Director of Intelligence Analysis at iDefense and this picture documents the first ever release of the iAlert product line.  This is edition number one and it led to our first sale ($1m subscription).  I won’t put any names with the faces, but there are a few folks who will get a kick out of this picture and the fact that iAlert is still the iDefense flagship brand product.

The London terror attacks have obviously been the focus of my day.  All my analysis goes into the TRC for events like this.  I am incredibly proud of the work our team has been doing.   TRC London Attack Coverage