Happy Birthday Angry Birds! Thanks For The (In)Security!

Tyler Shields

Image Source: http://www.jbgnews.com/2014/09/angry-birds-developer-rovio-entertainment-struggling/430304.html

We’ve all done it. We've spent hours flinging birds at pigs, only to be frustrated with that one little piggy that got away. We can all thank the phenomenon “Angry Birds” for this wonderful experience. Today marks the fifth birthday of the release of the original Angry Birds. Since its release, the highly successful mobile game creator Rovio has gone on to sell hundreds of millions of dollars of mobile apps, licenses, and merchandise amassing $216M in revenue in 2013 alone. Who knew that a simple change in game mechanics could gain such a cult foothold with the public? From a business perspective, the team at appfigures did a great write-up on the history of the franchise, along with its successes and failures in the eyes of the public. If you’re interested in the business life cycle of apps in the public app store, I highly recommend you go read their research: Angry Birds Turns Five: What We Can Learn From The Franchise’s Success.

Read more

Crowdsourcing my RSA panels

Rick Holland

The San Francisco RSA conference is now less than two weeks away, and this year I am moderating two great panels. I thought I'd reach out and solicit suggestions for discussion. 

1) Too Big to Fail: CISO Panel on Scaling Security in the Era of Big Data

This Forrester-moderated panel of top security executives from Allergan, Zappos and Humana will discuss the impact of scale in solving Big Security challenges. Issues from the importance of scale in detecting advanced threats to benefits to the average user will be debated. Drawing on their experiences, these experts will share their views on why scale matters in the era of big data.

Panelists: 
David Hannigan, Zappos, Information Security Officer
Stephen Moloney, Humana Inc., Manager, Enterprise Information Security
Jerry Sto. Tomas, Allergan, Inc., Director, IS Global Information Security
 

2) 50 Minutes Into the Future: Tomorrow's Malware Threats

Predicting what malware will look like five years from now requires more than a crystal ball. In order to fully understand future threats and challenges, you need a finger on the broader pulse of technological innovation. Our panel of esteemed experts will attempt to guide a better understanding of where we may need to target our defensive efforts in the coming months and years.
 
Panelists: 
Read more

Incident Response Isn’t About Point Solutions; It’s About An Ecosystem

Rick Holland

Today EMC announced the acquisition of Silicium Security.  Silicium’s ECAT product is a malware threat detection and response solution.  ECAT did not adopt the failed signature based approach to malware detection and instead leveraged whitelisting and anomaly detection.  Incident response teams can leverage ECAT to quickly identify and remediate compromised hosts.  ECAT joins NetWitness and enVision.  

Read more

Kim Kardashian And APTs

Rick Holland

On Wednesday, American footwear company Skechers agreed to pay the US Federal Trade Commission $40 million. This settlement resulted from a series of commercials that deceived consumers claiming that the Shape-Ups shoe line would “help people lose weight, and strengthen and tone their buttocks, legs and abdominal muscles.”  Professional celebrity Kim Kardashian appeared in a 2011 Super Bowl commercial personally endorsing the health benefits of these shoes.  

This settlement was part of an ongoing FTC campaign to “stop overhyped advertising claims.”  A similar effort would serve the information security community well.  For example, one particular claim that causes me frequent grief is: “solution X detects and prevents advanced persistent threats.”  It is hard, dare I say impossible, to work in information security and not have heard similar assertions. I have heard it twice this week already, and these claims make my brain hurt.

Read more