Saturday, 29 March 2008

More great news.

I'm sitting in my lounge at 4:15am, writing this for something to pass the time whilst a plumber fixes a burst pipe. I went out to play poker earlier and did pretty well, came home £130 up, but that will all go on the plumber's call out charge, and then some.

Google's full of news stories about the credit crunch, recession, house price crashes, etc. "Rip-off Britain" being one of the more bandied about phrases. I'm expecting the plumber to charge me quite a lot, probably near on £300. It will hurt, especially as I will no longer have a permanent job at the end of the week.

The thing that strikes me about the economy is that if everyone just shut up with all the doom and gloom, it would probably be fine. It's fear that drives recession, not shortage of cash. I'm not particularly scared, so I will fork out my £300 to the red-eyed plumber for his valuable time. I hope it affords him a couple of cups of coffee (we didn't make him one - can't afford it). I am short of cash, and will be shorter in about 10 minutes. I still don't think that makes me stuck in a recession.

I think I must have smashed a mirror or walked under a ladder at some point, my luck has been pretty bad for the past few years - gambling I'm fine, but personally I have had some severe blows. Hopefully it was 7 years ago now, and soon things will start to improve. I'm not holding my breath though. Not until the water comes pouring through the ceiling anyway...

Thursday, 27 March 2008

Now what?

At some point in every man's life I'm sure they come to a cross-roads where each road seems equally inviting, only to stand around gormlessly, staring into the distance, first one way, then another, thinking real hard the whole time, but not actually moving.

Well, I've done that for about 6 months now, and today I'm even further in my hole. In a week Ingrian will be no more, SafeNet have made me an offer for consultancy which doesn't meet my baseline, so I have some choices:
1. Take up another offer which has landed on my doorstep
2. Start up my own business
3. Look into another permanent opportunity which appeared in my mailbox this morning
4. Take a break and worry about income
All have their pros and cons of course, but I can't weigh them up anymore. I've been let down by so many sure things, and then again I've had so many good times with things I haven't expected. My crossroads is tangled and impermeable.

Offer 1 - Short term, may lead to permanent work, but also may lead to more consultancy in other positions. This would require some sales efforts on my part.
Offer 2 - Hard work, but ultimately rewarding. I'm pretty shattered after the last year to be honest, could use a break rather than more stress.
Offer 3 - Sounds really good, and through a guy who I count as a genuine friend despite our geographical separation. Again, I'm quite tired right now and need energy to run at a permie job.
Offer 4 - I have a wife to support and no other income except poker, which said wife will not allow me to take up full time.

I guess this is a nice position to be in. I've spoken to approximately 100 people today, each with various ideas and suggestions, some possible work coming up, permanent jobs here and there, future contracts, etc. Even the opportunity to go back to Barcelona has been discussed, but it is still too soon to leave my family, much as I miss the place.

I think maybe I'll pitch my tent at the crossroads and take a step back for a while. Any suggestions gratefully received however. Anyone got a good way of making decisions that doesn't involved coin tosses or witchcraft?

Wednesday, 26 March 2008

Too late for the bandwagon?

How's this for a snappy title to a tech article?
Websense Unveils First Internet Security "HoneyGrid" to Discover and Classify Web 2.0 Content and Help Businesses Safeguard Essential Data
Woo, I want to read more. Sadly it's overblown posturing.

Actually, if you can wade through the unbelievable bits, the FUD, the dissing of competitors and then some general tripe, then this sounds like a good idea. Just not for the reasons they think.

I wonder if they'll actually get it to work? If they really can 'classify the web', and I intend to do some thorough questioning at RSA to this effect, they are surely on to a winner. However, if this is just hopeful arrogant marketing, then they could end up looking a bit sad.

Let's hope it works, eh?

Jumping the Safe(ty)Net

Posts have been thin on the ground recently, mainly due to the fact that I've been quite busy, but also due to going on holiday twice this month. It's been great, particularly as I went to Venice and Amsterdam, two of my favourite cities, possibly due to my love of water (not to mention snow!)

It's difficult to write anything at all during an acquisition though. Anything I write could be scrutinized by current or future employers. In fact, I always think it's a good idea to keep on friendly terms with as many people as possible, just in case.

The acquisition of Ingrian by SafeNet has been pushed out by a further week, something to do with contract law which is neither interesting nor relevant, but it means I get to work with my chums for another week at least... as I regret to inform that I have decided not to take up the opportunity to work with SafeNet moving forwards.

Much as I admire SafeNet and think this acquisition will serve them well, I'm just not the right guy for the job. I'm far too big, selfish and stroppy to be a small fish in a big pond. I like start-ups, I like products which might just be fantastic, but no-one really knows about them, or if there's a market for them yet. I like working out what's going to be next, and how, and helping people understand the UK/EMEA Channel. It's something which can be particularly difficult to get to grips with for some reason, but then I guess I've been in it for some time. It's second nature to me, but it's way more complex than my American cousins in particular typically give credit for.

So now I'm talking with the relevant people at SafeNet to arrange some consulting, teaching my knowledge back to the SEs there and completing any half-finished accounts before I head off into the sunset, but I've already got several other irons in the fire. I can't say what they are yet, but I can't wait for RSA. If you're from one of the many SF-based vendors who has already contacted me, I'm really looking forward to meeting up.

If you're one of the few who hasn't, what are you waiting for? Drop me a line...

Monday, 10 March 2008


When emails from Ken Belva appear in my inbox, I get a slight charge of excitement. He's another one of my security heroes, (I refuse to use the word 'guru'), someone I've quietly respected over the years and has had no small part in influencing me to get where I am.

So when that mail is asking me to help him, I ask not why I should jump, but how high. I encourage everyone to take a look at Ken's new site. I just hope it doesn't stop people coming by here having so much information in one place, from so many incredible security minds...

Announcing, an information security magazine in a blog format. is written by professionals for professionals.

Our magazine delivers content for executives and practitioners written by working information security executives and practitioners.

Our columnists are respected information security veterans who hold influential positions at major corporations. prides itself on being free from vendor and commercial influence. Our columnists have an amazing flexibility to write their columns as they see fit with minimal editorial constraints.

Spotlight on Our Columnists

This week and next we will be spotlighting our columnists. We have some great column posts scheduled for publication.

* Monday: C. Warren Axelrod - ROSI: Security Returns?
* Tuesday: Frank Cassano - The core truth of risk
* Wednesday: Allan Pomerantz - Our End Users: The Weakest Link
* Thursday: Micki Krause - Core Program Practices: Assess, Implement and Monitor
* Friday: Sam Dekay - Information Security: Orphan of the Org Chart?
* Monday: Russell Handorf - Wi-Fu! Attacking the 802.11 Client
* Tuesday: Derek Schatz - Are We Less Secure Now Than Before?

iPod Newsletter Raffle

Any corporate (.com, .net, .com.xx, etc.) or educational (.edu) activated email address registered between Monday, March 10th, 2008 and Friday, March 15th, 2008 on will have the chance to win a free 8G iPod Touch with video. We will mail the iPod anywhere in the world. Generic email addresses (such as,,, etc.) are not eligible to win. All entries are subject to our discretion. We will pick the winner and contact you via email for your physical mailing address.

Blogging from MISTI InfoSec World 2008

Stay tuned for posts, pictures and possibly video of InfoSec World 2008.
Point your feed reader here for all of the RSS action!

Qualified Writer?

Please review the columnist agreement. If qualified, please email us at authors() or contact the editors through the contact form.
Sadly I work for a vendor, so I won't be able to post anything for the moment, but you can bet your bottom dollar I'll be reading. Cheers Ken, and best of luck. I don't think you'll need it.

Saturday, 8 March 2008

Rothman starts a(nother) fight

Taking advantage of the fact that I announced that I would be away for the last week, Rothman spiked my exclusive with his usual sharp-edged sarcasm and said I would be stupid not to praise my erstwhile employers, or indeed the incumbents.

Whilst I have always been friends with the people at Ingrian, and owe much of my career to them, this is of course, nonsense. I made a point of saying clearly when I joined that no-one would stop me speaking my mind here. Before, during and since the takeover was announced I was treated with nothing but respect, assured of my job safety, and handed over to SafeNet like the precious nugget that I am. This is also bollocks of course, but I wasn't nearly as deferential in the process as Mike supposes it is wise for me to be.

First off, I get job offers like Britney gets court orders, I'm not quaking in my boots here.

Second, I knew this was happening, it wasn't sprung on me.

Third, OK, there was some back-dating stuff going on a while back, when everyone and his dog was doing it, but that was the old guard, these are the new guys. SafeNet are a good security company with deep pockets. They have a very high profile in the private sector, especially financials, certainly in the UK and Europe they do anyway. Ingrian has the retail space cornered, and all they need is more people to cover more territory. Putting the 2 together completes a picture for me, it doesn't detract anywhere.

I hope SafeNet wouldn't gag me for speaking my mind, but I hope they wouldn't want me to go saying they were wonderful and marvelous without having something to back it up either. I stand by what I said. I think this is a smart move for both companies, Ingrian gets a cash injection and a broader sales base, SafeNet gets a great piece of kit and a really tight knit company with some fantastic people in it. Morale has rarely been so high in a company that I've worked for (which makes it sound like it's my fault). I don't make anything on the stock options, but I've only been with Ingrian for 6 months, I wouldn't expect it. Other engineers may be more annoyed at that.

I don't even know what my new role will be in SafeNet. I've been in Venice, freezing my nuts off on the Grand Canal for the past week. I'll speak to them next week and let you know. In the meantime I'm planning my next trip Amsterdam at Easter before the round of security conferences starts in April. Maybe there'll be a Rothman v. Newby UBC (Ultimate Blogging Contest) fight at RSA?

Bring it on!