As the ball dropped in Times Square, and the fireworks lit off the SpaceNeedle in Seattle, a Blue Moon accompanied the sendoff of 2009 and the welcome of 2010. A Blue Moon is when a full moon occurs twice in one calendar month. It happens about every 2.5 years but the next time it will occur on the cusp of the calendar change between the civil year will be 2028. So, this feels a little exceptional - like heavenly events, it will happen again predictably. Where we will be, and what we will be doing when the next one comes around is, well, out of our hands.
What does this have to do with IT Risk? We deal with unpredictable events. Unlike the moons, unlike the tides, our profession is governed more by the unforeseen, the unplanned, the "zero day" event that we didn't see coming. At times it is thrilling, but over time, it is exhausting... and I believe its unnecessary. Much of what we deal with as firedrills in our profession is foreseeable, and manageable, if we have the will to do so.
So welcome to the kickoff of Security Curmudgeon. This happens once in a New Year's Blue Moon. We cannot predict all that will happen to us in 2010, all we can do is anticipate the probable, and be ready for the improbable. With anticipation of Cloud Computing, a rise in cyber-crime, technology innovation, and the hoped-for economic upturn (not to mention what promises to be a thriller of a political year) we will likely have a lot to do in reactive mode this year. Let's change that so that by the next Blue Moon, we'll be in a more relaxed, proactive posture for managing IT Risk.
Posts
No comments:
Post a Comment