The next step in Malware? May 30, 2008
Posted by Andrew Berkuta in Security Screams.add a comment
About two (2) years ago, I wrote a whitepaper on the next morphing of threat called Xeno attacks (xeno-ttacks) and predicted that we would be getting close. (www.mcafee.com/us/local_content/white_papers/wp_xeno.pdf)
Today, I still believe that this is VERY possible and even probable, such that it is even more of a threat with the broad implementation of virtual technology. This would bring an interesting addendum to the whitepaper and would be something that would have to activate and correlate at the hypervisor level.
Interesting to see what the next morph would be. Time will, unfortunately, tell.
Cheers, for now…. back to the bunker.
Outsourcing…is it REALLY worth it? May 27, 2008
Posted by Andrew Berkuta in Security Screams.add a comment
After many claims for “better ROI, price points, value, cost per share, …whatever”, I have talked to many people regarding wholesale outsourcing of IT functions (help desk, management, etc). Here is what I have noticed:
* The decisions are often tactical, and not strategic. It looks good initially for cost savings and initial shareholder value, but you loose intellectual capital in farming out your enterprise, which costs you exponentially more without anything tangible to show for it.
* aside from language barriers (and there ARE barriers – remember communication is a TWO way street), there are definite conceptual and articulation issues of them between cultures.
* you inherit the deficiencies and stigmas of the company you outsource to. For eg. If outsourcing to a company in a foreign country, you take on immature infrastructure issues, natural disasters, government strife issues, and this can cause downtime, and force you to “invest” in bringing those entities back on line and fixing their issues. (Why not invest in your own company to begin with and leverage it?!) Tactical.
* No matter how “justified” it is to outsource, it is just that – justified by someone who most likely has their job on the line if their recommendation to outsource does not pan out. Makes you wonder.
* Your loose control of intellectual capital, quality, and controls for managing data loss. Lets face it, if someone abroad walks out with your data, (and it HAS happened), it is up for the highest bidder. Nuff said!
In short, I am not a fan of organized labor, they had their day. I AM a fan of keeping your knowledge and capital where it ought to be … with you, not your competition.. or one day.. a future GLOBAL (thank YOU very much) competitor.
Just my two cents worth. Common sense, that is.
