Mediaphyter

I have mixed feelings about Tammy Erickson’s latest blog on the Harvard Business Review site. In “Ten Reasons Why the Relationship Between Gen X and Corporations is Strained”, Ms. Erickson explores the challenges that exist between Gen Xers and the corporate structure and while she makes some exceptional points overall the article isn’t digesting well. I struggle a bit with the black-and-white Gen X vs. Gen Y or Gen X vs. Baby Boomer distinctions. While this does exist, in my experience, the greatest divide in today’s private enterprise is between the Gen Xers themselves.

In her article, Ms. Erickson dubs Gen X as “folks in their 30s to early 40s” – a common definition. I fall just shy of the middle of that range and I find myself, even in a management position, empathizing more with the Gen Y worker bees than some of my Gen X colleagues. I don’t know if it’s because of my geekish technogadget nature or my childlike enthusiasm for the inane but I am definitely more a mashup of hand-selected generational qualities than a stamped-and-processed case study.

Some of the implications that I have a hard time keeping down:

• Gen Xers are the most conservative cohort in today’s workforce
• Gen Ys are pesky and hard to manage
• Boomer colleagues can be annoying
• Xers are being overlooked in the lovefest between Gen Y and the Boomers

Now, I am not going to say that these points are wholly untrue across every corporation. I’m sure there is a Gen X manager out there who is at his or her wit’s end trying to keep a Gen Y employee off of Facebook during work hours. I also can see how at goliath corporations where the leadership may be more seasoned, how a confrontation between Gen X and the Baby Boomers could arise. Ms. Erickson surmises that Xers might move toward smaller operations to avoid some of the static. But until we address the divide between the Gen Xers themselves, I don’t believe business size can even be a consideration in determining a safe haven for our more radical change agents.

Generation X is known to be a school of innovators and those who do not always take kindly to rules. We march to the beat of our own drum. Sometimes, that drum tells us to conform. Sometimes, that drum tells us to stand out. Sometimes, that drum tells us to run like hell from that which tries to control us. That inner constitutional freedom we possess, unlike some of the Baby Boomers who were more driven by financial security and longevity, or the Gen Y kids who face blocks if they do not possess techno hipness, makes us better able to wear the badges of whatever generation we choose.

Some Gen Xers choose to align more with the Baby Boomers and while they may be at innovative companies or in innovative fields, they cling so tightly to the Boomers that they lose sight of evolving business styles, and thereby get mired in antiquated approaches. Some Xers find their biggest battles, whether internally or externally, to be with this sort. Those on the Gen-X-to-Baby-Boomer quick path might think that because of their age they are more hip than they really are. Whereas it is easier for the Gen Y and savvier Gen X sets to communicate with the Baby Boomers because the Boomers recognize the generation gap. However, when push comes to shove, these Boomers inherently embrace the ideas of their more conservative Gen X protégés.

I am a Gen X gal at heart (see “does not always take kindly to rules”) but I pepper in a heck of a lot of Gen Y and my fiscal common sense gives me enough Baby Boomer drive to survive. I also believe that the Gen Xers’ ability to flex and shift and take on the roles that are most pressing at the moment is what is securing us as future business leaders and what may be what is pushing some Baby Boomers into irrelevancy.

We get technology. We get politics. We get culture – international, pop, or corporate. Especially us younger Gen Xers, we’re tapped into the Gen Y social networks (virtual and IRL) and are connected to the latest and greatest fads, if you will. We’re mature and accomplished enough to earn the respect and mentorship, when needed, from the older set. But we still maintain our groove to the beat of that zany drummer and we understand the “newfangled” ideas that are seen as intangible now yet will be the core of successful business soon enough.

I applaud Tammy Erickson for her insight as she’s one of the first Baby Boomers I’ve seen truly attempt to sympathize with and support the plight of the growing, thriving Gen X corporate change agent. I do believe she is right when she says we have a pre-disposed notion to mistrust corporations and we face various levels of suffocation as career paths grow and narrow. But I also believe we’re more of a mashup generation than the business leaders before us and the army of workers behind us. We’re crafty and can adapt to quick change in our respective industries. Let’s not let the pressures of a pre-defined generational expectation pigeonhole us into a state of unhappiness.

Since the start of the year I’ve been obsessively soaking up as much education as I could on the benefits and best practices of social media. It’s definitely a craft that requires much external assessment and dissection (no, really, it does). I figured that tonight, however, I would jump on the Twitter-fad-of-the-week bandwagon and create myself a little tweet cloud and see what it says about me. Oh, what’s a tweet cloud? It’s like a tag cloud… but of tweets. I don’t know a more simple way to explain that.

I’m not going to sit here and read through the varied blue text and attempt to ascertain some personal branding epiphany or comment on the state of business. I am going to follow in the footsteps of my friend Mukund Mohan and have fun with it.

First, my tweet cloud:

First, I like to talk about Twitter. I don’t think that’s shocking to anyone who knows me — especially those folks who met me at SOURCE Boston. I was doing so much recruiting for Security Twits that I had more than a few people ask me if I actually work for Twitter (I don’t). Clearly, I’m doing too good of a job, so dear Twitter, I am going to try to shut up about you for a while. Oh, and speaking of the Security Twits, um, yeah. I seem to like to talk about them as well. Or to them. Or about them. My employer might be most pleased with that (as well as the standalone mention of security as a top tweet) since that’s in line with what I actually get paid to do.

Enough about business-related tweets. Let’s look at the softer side of Jen. I find it quite comical that punctuation is stripped from the tweet cloud. The word “ill” seems to be one of my more prominent utterances. I could become paranoid (I do work in security after all) and presume that the tweet cloud is trying to imply something, but really that highlight should be the word “I’ll“. I’m not so certain that “I’ll” is much better than “ill” anyway. With the latter, I’m sick. With the former, I’m just self-centered.

Or am I? You’ll see that I am a very grateful person. I thank people a lot — in three different forms, albeit only in one language. I’ll work on that. Thanks, tweet cloud, for pointing out my lack of multilingual skills. See. There I ago again, being appreciative.

I work a lot, though clearly not as much as I think. I suppose that means that I’m spending more time pondering than actually doing. Shhh. Don’t tell anyone. Wait for me to do it myself. Via Twitter.

Finally, I have much love to give but my need seems to be bigger than my focus on love. Since this is a professional-facing blog I won’t make any snarky comments about myself there. I’ll leave it to mystery (or to the handful of friends who know me all too well to giggle about in private).

While these were the greatest tweet themes for me, I need to call out some awesome honorable mentions:

• Hockey / Sharks (yes, they should be in the same category)
• lol
• sorry
• damn
• scrabulous
• stupid
• yay

That’s right. I’m @mediaphyter. I like hockey, I laugh, I curse, I play word games, I apparently do something stupid and I cheer. I’m one of the most prolific twits on the planet. You can quote me on that. Wait, my tweet cloud already did.

When I was four, my mom bought me a little red tricycle. I distinctly remember the bounce of joy I did about my grandparents’ living room when I opened it. I can also vividly look back at the painstaking process it was for my grandfather to assemble the darn thing. Socket A and wrench B and tassel C and blah blah blah. I just wanted to ride, to feel the wind in my hair at a whopping .010 miles per hour, and see the, um, driveway. I was even OK with the ugly flowered helmet I would be forced to wear.

This was my first true lesson in the concept of fruits of labor. I’ve had thousands of lessons or experiences since, however the most recent came in the form of the Security Bloggers Meet-Up at RSA Conference last week. While it was an event borne of a blogger brainstorm a few years ago, this year it became my baby – though I was certainly not alone in parenting it. We grew the event from around 50 attendees in 2007 to 100+ this year and we even added live video streaming (most of which was recorded). But in the end it still held true to its mainstay as an event designed by the bloggers for the bloggers to provide them a (fairly) marketing-free zone in which to discuss whatever was on their minds.

And speaking of the bloggers, here’s a list of most of the bloggers in attendance:

• Adam J. O’Donnell
• Adam Shostack
• Adrian Lane
• Alan Shimel
• Alex Eckelberry
• Amrit Williams
• Andreas Antonopoulos
• Andrew Storms
• Andy Steingruebl
• Anton Chuvakin
• Apneet Jolly
• Ari Juels
• Augusto Barros
• Benjamin Tomhave
• Branden Williams
• Bruce Schneier
• Chris Eng
• Christofer Hoff
• Dan O’Neill
• Daniel Miessler
• David Mortman
• Derek Manky
• Eric Green
• Garrett Gee
• George Ou
• Illena Armstrong
• Ira Winkler
• Jack Daniel
• James Costello
• Jeanne Friedman
• Jeff Jones
• Jeff Evenson
• Jennifer Jabbusch
• Joe Tardo
• Jon Peterson
• Josh Morin
• Kai Axford
• Katie Moussouris
• Kelly Jackson-Higgins
• Kristin Romonovich
• Leigh Hollowell
• Manu Namboodiri
• Martin McKeay
• Matt Flynn
• Michael Dahn
• Michael Farnum
• Michael Mongold
• Michael Santarcangelo
• Mike Davies
• Mike Fratto
• Mike Murray
• Mike Rothman
• Mikko Hypponen
• Misha Govshteyn
• Mitchell Ashley
• Patrick Walsh
• Patrik Runald
• Paul Hinkle
• Phillip Hallam-Baker
• Raffael Marty
• Rich Mogull
• Richard Stiennon
• Rob Cheyne
• Rob Newby
• Robert Graham
• Robert Richardson
• Roger Thompson
• Ron Gula
• Ryan Russell
• Ryan Singel
• Samuel Van Ryder
• Sara Peters
• Sarah Blankinship
• Sean Kline
• Shrikant Raman
• Stacy Thayer
• Todd Hooper
• Walt Conway
• Ward Spangenberg
• Window Snyder

Thanks again to the security blogger community and the wonderful committee of sponsors and supporters (Alan Shimel, Martin McKeay, Rich Mogull, Richard Stiennon, Jeff Jones, Dave Berkowitz and Sonya Caprio) for not only joining in what turned out to be an amazing event, but trusting me enough to steer it in the right direction. It wasn’t quite the same feeling as the glee of zooming about on my little red trike, but it was still one heck of a fun ride. And this time, I didn’t even need a helmet.

(Soon to be cross-posted to the official event blog)

Wednesday, April 9

6-8 p.m.

Virtual Event Details To Be Announced at Network Security Podcast

“See” you there!

I have a new addiction. Not the arm-tapping or liquid sort, thank goodness, but a television addiction. Over the last two weeks I have done little else but sleep, work and watch “Dexter” — something that has become the butt of a few jokes in the Security Twit-terverse. I started season one last Tuesday. I finished season two on Wednesday night (only after frantically calling Comcast late Saturday night and adding Showtime to my cable package so I could immediately get more episodes “on-demand”). See? Addiction.

If you aren’t familiar with the show’s premise, Dexter Morgan (played by the amazing Michael C. Hall of “Six Feet Under“) is a forensic investigator for the Miami Metro Police Department and, well, a serial killer. I don’t want to include spoilers here so I will say what I always do when I can’t answer something: “It’s complicated.” Essentially, he only takes out the murderous trash that slips through law enforcement cracks.

Now it’s over, for the time anyway, and I’m going into a bit of withdrawal. Because there are five months and 26 days until season three begins I need to find a way to incorporate “Dexter” into my every day life. Since I am not a serial killer (I can’t even hurt a spider without a tearful goodbye) I had to find a more creative way to glean lessons from my kooky killing television hero. So, I give you: Why “Dexter” Would Succeed in Business:

1. Precision

Dexter Morgan is a perfectionist. His kills are clean and ritualistic. Simple. His actions are consistent. He prides himself on his ability to to lay out a perfect plan, stay meticulously on course and carry out his self-imposed assignments with a sense of control that will allow for little to no mistakes. His communication is always clear. If obstacles present themselves in the middle of his careful, um, execution, he does not slink away. He finds a way to either work around said obstacles or remove them from his path. He does all of this with a confidence and self-assuredness that helps to ensure his success.

2. Disassociation from Emotion

Dexter Morgan refers to himself as a “monster without feelings” at times. While he might be a little too hard on himself (as well all tend to be) he has mastered the practice of keeping emotions out of his decision making most of the time. As a matter of fact, I believe his ability to stave off feelings in his “business”-oriented thought processes directly support his ability to be precise. Dexter does not allow himself to be swayed by insecurity or guilt. He does not act out rashly toward people because he is having a bad day. He does not project his own self-assessed inadequacies onto other people. He is a beacon of assuredness who lives by a rule that his darkest emotions and actions stay hidden in the presence of others (unless you’re a murderer who has escaped the clutches of the police).

3. Dedication to a Craft (aka Your Work is Art)

There’s a sick beauty in the way that Dexter Morgan carries out his tasks. He is not only doing what he believes is his job, he has created “best practices” to follow each time to ensure high-quality results. To that end, every one of his kills is carried out with the same step-by-step method; an almost predictable fashion. The presentation, while disturbing, is almost artful. But his methodical nature does not mean that he never thinks outside the box. While sticking to what he knows works he always finds a way to add a new bit of flair to each assignment. What’s more important is that he doesn’t do all of this in an effort to impress others — he does it to be true to himself.

4. Careful Risk/Benefit Analysis

Dexter Morgan never makes a move without carefully analyzing the potential risks of his actions compared to the benefit that can be achieved by removing a malicious killer from Miami. You know, like we have to weigh the amount of our financial or labor investments compared to the desired outcome or ROI for our companies. It’s the same thing, really. Dexter goes through a series of questions while contemplating his next kill, such as “How do I obtain proof that this person really deserves to be dispatched? (aka “how do I get proof that this new tool will provide value-add?”). There’s also, “How do I avoid getting caught as well as not letting this distract me from my blood splatter analysis at work? (aka “how do I take on this new endeavor while not sacrificing my other pressing priorities?”). He does not make a move without this careful consideration. I recognize, however, that Dexter is in a better position than those of us who need to obtain multiple levels of approval for certain projects, therefore he has greater control over the benefit versus risk.

5. Loyalty

Finally, Dexter Morgan is loyal. It’s really hard to find dedicated employees these days, especially in technology. The average life-span, er, employment-span of an employee in Silicon Valley, for instance, is about two to three years. Dexter has been following a very strict code that his adoptive father, Harry Morgan, set for him some 20 years prior. He rarely, if not never, veers from this code and allows it to dictate most of his actions. His decision to let this code have a hold over him is purely out of loyalty to and respect for the dearly deceased Harry. Dexter isn’t begrudging about the code either; he has a lot of pride in his devotion to Harry and strives to meet these high standards. For that reason, Dexter would be a model employee, as he does not question the code nor does he challenge the code. He trusts the code and follows it to a tee.

There ya have it. Sure, Dexter is a little (?) twisted but his heart is in the right place. At the very core of it he possesses skills that would make him a valuable employee (if he wasn’t out slashing people in his spare time). I, myself, am going to aspire to be more like Dexter (not like that, remember what I said about the spider?). My career path — and company — will only benefit.

* Note: Neither this blog nor its author condone serial killing even to avenge death. This blog and its author do condone good business practices.

One week from today the security blogger population will come together at a San Francisco hot spot for drinks, conversation and – who are we kidding? – maybe a little chaos. The Security Bloggers Meet-Up at RSA Conference promises to be quite the party with an estimated 140+ attendees from across the globe planning to join.

I’ve had a countless amount people ask me for the email contact list for the bloggers attending. Since I’ve been entrusted with this master list I’ve guarded it with my life. Alright, not quite my life, but I haven’t given it to a soul. But what I haven’t been guarding is the list of blogs that will be represented at the event (it’s even on a blog roll over on the official event blog).  

That said, leave a comment with a link to your blog if you are coming to the event and/or want to be on the blog roll. Or comment at the official blog. Or send us a message on the official Twitter feed. Or direct a carrier pigeon our way. Point being – let us know.

Finally, before we get into the RSA Conference frenzy, I want to thank some great people who helped to pull this all together: Alan Shimel, Martin McKeay, Rich Mogull, Richard Stiennon, Jeff Jones, Dave Berkowitz and my partner in crime, Sonya Caprio. If you’re coming, please be sure to buy them a (free) drink to say thanks! ;-)

Can’t wait to see everyone next week!

(Soon to be cross-posted to the official event blog)

Silicon Valley is a place of great minds. It is a place of great technological innovation. It is the place of idea sharing, partnerships and community.

Unless you’re on Twitter.

Perhaps I exaggerate a smidge but the reality is that during my time on Twitter I have encountered very few Silicon Valley users who share my common interests (technology, social media and hockey). I can understand not finding a lot of Web 2.0 soul mates who are into the latter. Yet I find it almost shocking that in one of country’s most progressive areas, there are very few social media and/or technology geeks in the Bay Area who are using Twitter. (Not that Twitter is the end-all, be-all of technology hipness; as a matter of fact, it’s getting a little old. But it’s a phenomenal networking tool.)

I’d been pondering this for a while and brought it up at lunch a few weeks ago with Ryan Kuder and I shared with him my thoughts on how Silicon Valley seems to be lacking a sense of social media community. In contrast there is an impressive (and almost exhausting) level of social media community in Boston and Chicago. We pale (embarrassingly) in comparison. Yes, there are seem to be some local events that are run through Social Media Club and Shel Israel puts on some good get-togethers. Cathryn Hrudicka even hosted a Jeff Pulver Social Media Breakfast in San Francisco a few days go. But deep in the heart of the Valley — not really much.

So Ryan and I decided to try and shake Twitter up a bit and put together the first Silicon Valley Tweet-Up — happening tomorrow night at NOLA in Palo Alto. I did an exhaustive Terraminds search (well, when Terraminds was working) to try and find local Silicon Valley folks who might want to attend. I think out of 50 people approached (er, nagged) we now have about 20 people who are slated to come. And ya know what? In spite of all of my complaining I’m pretty satisfied with that number. Sure it needs to grow — but it’s a start.

Come on, Silicon Valley. If you’re out there and microblogging let us know. Prove me wrong. Don’t let Boston and Chicago win.

So, I realized I’ve been bugging all of the bloggers to talk about the Security Bloggers Meet-Up at RSA Conference in a few weeks (gulp!) yet I’ve neglected to do it myself. I wish I could say that what prompted this blog post was my sense of responsibility and urgency, but the fact of the matter is that Rich Mogull and Martin McKeay lit a fire under me when they invited me to talk to them tonight on Network Security Podcast Episode #98.

I’m excited to have had the chance to talk about the private-yet-live-video-streamed event (which at this point has 100+ RSVPs) as well as the success that was SOURCE Boston, and about building a social networking community within the security industry. I’m quite passionate about the latter (well, about all three of these things I suppose) as well as other netsec issues — which will become more apparent as I have more time to devote to this blog.

The podcast experience was a bizarre one for me. As I continue to transition into a new role at my company and really search out my niche in this space, I’m finding myself facing a lot of role reversal. I initially went into public relations because I liked telling other people’s stories. As I’ve matured and become more educated in media and in technology and have moved out of a public relations role, I’ve become a person who wants to tell her own stories and express her own opinions and drive her own influence. Perhaps that’s part of why I am so excited about this social media movement within the security industry. But it’s still terrifying to go from a role in which I was behind the camera, so to speak, and slowly start moving in front of it (I kept imagining myself as Cindy Brady in the episode where she freezes when the “on air” light goes on). Yes, terrifying — yet invigorating.

I suppose the best thing to do is embrace it and keep on moving.  And perhaps stop watching “Brady Bunch” re-runs.

You can all razz me about this in a few weeks at the meet-up.

Financially motivated malware is forcing anti-malware vendors to dramatically change their strategies – from remodeling their antivirus labs to the way they market their solutions. At least that is the take of Andrew Jaquith, Yankee Group analyst, who discussed this critical need for change during his SOURCE Boston talk: “Not Dead But Twitching – Antivirus Succumbs to the Scourge of Modern Malware.”

In an industry where security vendors self-congratulate and loudly beat their chests about what they claim to protect against, Jaquith states that current AV protection models are failing as zero day exploits become more sophisticated and malware creators become further incentivized by financial gain.

“Everyone is losing ground,” he said. “Public bravado belies private anguish.”

Jaquith talked about neosploit designer malware (one signature, one victim) and low-and-slow malware feeding denial of service-type attacks against AV labs as just two reasons that these labs need to consider changing their models.

“Most of the antivirus labs prioritize what they go after based on the infections they hear about,” Jaquith said. He went on to say that is only further driving the attackers to send a lot of tiny viruses and change the signature and content enough to slip under the radar.

Despite years of security investments, enterprises are still at a 99 percent penetration rate for antivirus and 63 percent of enterprises suffered a malware outbreak that impaired business. Vendors themselves are citing that they’ve had more malware samples in the last year than in the previous 10 years combined. Throwing more security research engineer bodies at the problem is not going to solve it.

“Today’s antivirus model is losing effectiveness,” Jaquith said. “The enemy is using its infinite ability to scale against the limited capabilities of the AV lab.”

But the biggest problem, he states, is that anti-malware industry itself, calling out the industry’s unwillingness to admit it is losing the battle, to band together, to hush the marketeers and to truly measure the effectiveness of anti-malware efforts.

“Either no one is telling or no one knows – how come no vendors can tell us what percent of anti-malware customers have actually been infected?” he asked.

Herd intelligence (using every endpoint as a collector) with behavior blocking, and taking the old antivirus prevention strategy and leveraging it as a detection strategy are solutions that he suggests.

“Security people think of prevention, detection and response. What AV is good at is protection and how it is marketed. If what you market is silver bullets you are damning yourself to live and die by prevention while the industry is moving to detection and response,” he said.

During his talk, Jaquith cited several vendors who claim to stop “all” malware threats or protect against “any viruses.” There’s a danger in that, he said, as no vendor can guarantee to stop all threats with antivirus solutions, especially with the mounting offenses that malware creators are taking against the AV labs. He pushed for more responsible marketing among all anti-malware vendors.

“Part of this is about the industry growing up. Some of this is tough love but it’s meant to suggest we’ll get beyond the silver bullet.”

(Cross-posted at the SOURCE Boston blog)

I thought this picture was hilarious. Maybe in part because I was there when it was taken and subsequently Photoshopped. But I think it’s a sign of good times to come this week at SOURCE Boston. Oh, picture shamelessly stolen from Raffy.