Does this signal a change?
Perhaps this is the beginning of a new era where corporations will stop playing victim and be proactive with their security.
After nearly a week of rumors IBM has confirmed it has bought incident response firm Resilient Systems and so gained the services of its CTO security guru Bruce Schneier. "We are excited to be joining IBM Security, the industry's fastest-growing enterprise security company," said John Bruce, Resilient Systems' CEO. "By …
Indeed so. Even more, there exist organizations that consider IT to be "not our core business" and therefore an expense to be reduced as far as possible. These probably do not even consider information assurance as a separate category.
It is to be hoped that such organizations are becoming fewer, in view of the apparently increasing level of threat, and that those where the managers have some degree of reason are outsourcing to companies with a sense of what is needed.
I hope so on Cryptogram, but IBM has a lot of contracts with the intelligence community. I worked at their Almaden Lab about 10 years back, and our group had a contract with a 3-letter agency that we internally half-jokingly called "the customer that cannot be named".
We'll see if Big Blue ultimately tries to quash Mr. Schneier's outside journalizing and commentary.