[Dailydave] The new model of insecurity

Dave Aitel dave at immunityinc.com
Mon Mar 31 17:16:37 EDT 2014 

http://www.rsaconference.com/videos/126/the-new-model-of-security

Cisco's keynote starts with the traditional eyeball gouging "humorous"
video making fun of how it's hard to get different security solutions to
work together. Wouldn't it be easier if everyone just bought everything
from Cisco? I'm sure it would! The video ends with all the actors
cursing at the audience, which is telling, and then Christopher Young
apologizing for the video, like it's the first time he's ever seen it
and he's sorry for subjecting the audience to the cursing parts of it,
or, you know, any of the "jokes".

After that it is a painful sit-down between Christopher Young (SVP of
Cisco's Security Business Group) and Padmasree Warrior (CTO/Chief
Strategy Officer of Cisco). Why do companies do these sit-down style
keynotes? It's like someone did a study on the most unlikely way to
capture an audience's attention, and then implemented it as relentlessly
as a Chinese SSHD password brute forcer.

At one point Padma says "I'm not a security expert and you are, which is
why I hired you". The Chief Strategy Officer of Cisco is not a security
expert?! Lovely.

These things are scripted to sound unscripted, but instead they sound
like horribly written scripts delivered by people who hate what they are
saying. That, or there was some sort of contest on the least funny way
to say "Internet of Things" eighty times in 24 minutes - and let me tell
you, they *found* it.

Open APP ID
<http://www.drchaos.com/open-app-id-cisco-commits-to-open-source-and-application-identification/>
gets announced to no applause whatsoever. "The policy can be dynamic. We
need a community working on that. " Or in other words, "Please somebody
do our work for us so we can catch up to whoever the market leader is in
this space". Marty might have to explain this to us all in better terms
on the list here, cause Padma and Christopher chew their explanation up
like a three year old eating a Lima bean and Brussels sprouts salad.
They want to build controls for applications except the mobile systems
they want to control are not under enterprise control at all (they
"assume the devices are untrusted"), and the network traffic will be
encrypted. So how are they controlling things again?

In the end, these people got on stage to demonstrate that they have a
muddled thought process and no clear vision for the future. Look, after
watching this you can't help but feel sorry for everyone involved in the
production of this keynote, and the entire marketing team the CEO of
Cisco fired after watching it on YouTube. I'd worry if I was either
Padma or Christopher as well because they've clearly lost sight of both
the forest and trees, if this keynote is anything to go by.

-dave





-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20140331/c40e7faf/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: OpenPGP digital signature
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20140331/c40e7faf/attachment.sig>

More information about the Dailydave mailing list