Just want regular readers of this blog to know, after using this blog to publish a couple of podcasts last week I recorded on Event Processing (which promises to be the next big wave of IT), I am back to my regularly scheduled blog. And you could say security could almost also be considered a part of event processing, only in the fact that security is focused on bad events.
There is an interesting article over at Dark Reading on the massive disruptions Web 2.0 is causing to the whole idea of security. In a speech at Interop '08, Gary Hodge, executitve vice president at CTO at U.S. Bank, said, "After years of keeping them protected from the outside world, we're now exposing our internal systems to our customers; it totally changes the way we look at security. Now, we have 3.5 million customers who are accessing our systems legitimately -- plus that group of bad guys who are trying to break in."
It's almost like the change of warfare from the old days to now: in the old days, the bad guys faced off against the good guys in an area away from the general population Today, warfare happens on the busiest commercial streets, the good guys mixed up with the bad, which means to succeed, you have to protect yourself from everybody.
Perhaps the most significant disruption is the simple fact that, with so much SaaS and Web 2.0 now a significant part of an employees legitimate work day (to say nothing of illegitimate, or semi-legitimate), the browser in essence has become the new operating system.
Said John McNulty, chairman and CEO of Secure Computing, "Securing the network at the perimeter used to work. That's not going to work anymore."