Showing posts from January, 2012

Best Book Bejtlich Read in 2011

It's time to name the winner of the Best Book Bejtlich Read award for 2011! I've been reading and reviewing digital security books seriously since 2000. This is the 6th time I've formally announced a winner; see my bestbook label for previous winners. Compared to 2010 (31 books), 2011 saw a decrease to 22 books. Remember all reading is neither equal nor fast. When I review a book, I am sure to read it and not just skim it. For 10 books last year, I chose not to read them but to instead post impressions. Posts called "impressions" provide my sense of the book but I do not publish them in my reviews. My ratings for 2011 can be summarized as follows:

5 stars: 10 books
4 stars: 7 books
3 stars: 4 books
2 stars: 1 book
1 star: 0 books

Please remember that I try to avoid reading bad books. If I read a book and I give it a lower rating (generally 3 or fewer stars), it's because I had higher hopes. Here's my overall ranking of

Telling a Security Story with Charts

The image at left appeared in the 31 December 2011 edition of The Economist magazine in the article Economics focus -- How to get a date: The year when the Chinese economy will truly eclipse America’s is in sight. It depicts 15 measurements of the US and Chinese economies, with historical and projected data. There is a version available at this page with more statistics comparing the two nations. The Economist presents these charts for the following reason:

In the spring of 2011 the Pew Global Attitudes Survey asked thousands of people worldwide which country they thought was the leading economic power. Half of the Chinese polled reckoned that America remains number one, twice as many as said “China”. Americans are no longer sure: 43% of US respondents answered “China”; only 38% thought America was still the top dog. The answer depends on which measure you pick. (emphasis added)

The reason I like these charts is that they remind me of how many security practitioners think

Happy 9th Birthday TaoSecurity Blog

Today, 8 January 2012, is the 9th birthday of TaoSecurity Blog. I wrote my first post on 8 January 2003 while working as an incident response consultant for Foundstone. 2843 posts later, I am still blogging. Looking at all 9 years of blogging, I averaged 315 per year, but in the age of Twitter (2009-2011) I averaged only 171 blog posts per year. I plan to continue blogging, but I expect around the same number as last year -- somewhere in the 60 to 100 post range. I spend a lot more time expressing my views to the press and market researchers and analysts, so I'm often less inclined to do more of that in my free time through this blog. I plan to devote any decent chunks of free time to more traditional writing. I love to use Twitter for quick commentary. Thanks for joining me these 9 years -- I hope to have a 10 year post in 2013! If you're a security blogger, and you like this blog, please consider voting for me via the 2012 Social Security Bloggers Awards. I'm n