[Dailydave] Tomorrow's ISSA talk

[dan at geer.org]

Gregg Dippold writes to Dave Aitel:
 >Apoptosis is effective due to the modular nature of the body
 >and the relatively low cost of cells.  We need to engineer higher
 >levels of modularity into our systems.  When you look at the cell
 >and the diffusion rates across the membrane some approach the
 >limits of physics.  We have a long way to go in our systems to
 >equal that at a low cost and include self-replication.  One other
 >thought a 3 day fast will regenerate the immune system and improve
 >it by getting stems cells to regenerate the white blood cells
 >(google longo+fasting+chemotherapy).   What's the metaphorical
 >equivalent of that? Cut IT's budget to zero for a quarter, remove
 >all the legacy systems and let them purchase new ones?

Slight side note: With a colleague we run the Index of Cyber
Security, a survey-based monthly risk assessment constructed
much like the Consumer Confidence Index merged with the
Purchasing Managers Index.  Same questions every month, and
so forth (see cybersecurityindex.org and, YES, we are always
looking for participants who know things through direct
operational responsibility for security; participants and
only participants get our detailed reports.  Be in touch).  

We also ask one extra question each month.  Thirty+ months
ago we asked what percentage of the respondent's current
installed security products would they buy again if starting
over today.  The composite answer: 64%, which is to say 36%
would be dropped if starting over.  (As several respondents
pointed out, getting something in an enterprise's security
suite dropped is harder than getting it added, organizaitonally
speaking.)

--dan