I've been listed in other "top whatever" security lists a few times in my career, but appearing in Tripwire's Top 25 Influencers in Security You Should Be Following today is pretty cool! Tripwire is one of those technologies and companies that everyone should know. It's almost like the "Xerox" of security because so many people equate the idea of change monitoring with Tripwire. So, I was happy to see my twitter.com/taosecurity feed and the taosecurity.blogspot.com blog make their cut.
David Spark asked for my "security tip for 2012," which I listed as:
Improve your incident detection and response program by answering two critical questions:
1. How many systems have been compromised in any given time period; and
2. How much time elapsed between incident identification and containment for each system?
Use the answers to improve and guide your overall security program.
Those of you on the securitymetrics mailing list, and a few other places, have heard me speaking about this topic. I'll probably blog about it in the future, but suffice it to say that those are the key issues you should address in 2012 in my opinion.