Security & Risk

About Author

Forrester Research is a technology and market research company that provides pragmatic advice to global leaders in business and technology.



The Devil’s Dictionary, InfoSec Edition

Ambrose Bierce’s The Devil’s Dictionary is a wickedly witty piece of work (and website). It slyly redefines common words and phrases, usually with a bitter, contrarian, or comic touch.

But why should Mr. Bierce (or more correctly, his estate) have all the fun? It is time for one in the information security field. Here are a few nominations. Most of these are original, but a few were gleefully filched from others:

ALE: an intoxicating liquor that gives imbibers perceived omniscience and discernment, but with one unfortunate side effect: it causes their pants to spontaneously fall down

Advanced persistent threat: a security product manager hyping new categories

Blended threat: a hemlock smoothie

Claims: a more expensive form of assertions, officially sanctioned with George Orwell’s posthumous blessing. Cf. “flatbread” v. “pizza”

Collective intelligence: the dawning epiphany that the cyber-villains have already won

Data leak prevention: adult undergarments for stopping electronic incontinence

Device control: using Super Glue to plug holes in the sides of laptops

Full disclosure debate: a ritualistic Kabuki performance that ends with a fist-fight amongst members of the audience

Actionable: providing information of sufficient detail and clarity to enable one party to sue another* 

Full disk encryption: spray-on auditor repellent

Non-repudiation: a word invented in 1995 to describe what technologists believe will happen when they multiply two large prime numbers together

Patch Tuesday: the day before Zero-Day Wednesday

PKI: the technological equivalent of The Rapture, coming next year to bring salvation to lost souls

Secure development lifecycle: a trivia game for which the rules keep changing, and that Microsoft always seems to win

ThreatCon: A vendor-sponsored malware early warning system that resembles the US DHS terrorism warning system, but whose status changes are much more arbitrary

Web application firewalls: bandages that are approximately the size and shape of a rack-mounted server

No animals were harmed in the compilation of this list. Egos, perhaps.

*Author’s note: this is actually what “actionable” means.

As always, I welcome your comments.

Posted by Andrew Jaquith
