Perspective

This essay is adapted from “Chapter 2: Defining Security Metrics” of my forthcoming book, Security Metrics: Replacing Fear, Uncertainty and Doubt from Addison-Wesley and Symantec Press, expected in early 2007. Small portions of this appeared in “The Future Belongs to the Quants,” an IEEE article co-authored by me, Dan Geer and Kevin Soo Hoo.

Information security is one of the few management disciplines that has yet to submit itself to serious analytic scrutiny. In security, business leaders ask:

Much ink has been spilled over the recent AOL and Yahoo announcements that they will charge marketers five cents per e-mail to guarantee delivery of their mail, thus bypassing their spam filters.

Lots of people have been rendered spitting mad by the plan. Three things seem obvious to me about how and why these plans came about:

An open letter to all anti-virus software makers

February 2, 2006

Dear Antivirus Industry, Why are you so addicted to the term “blended threat”? It seems to mean something special to you… but it means nothing to anybody else.

Yankee Group research may not be as well-subscribed as, say, Gartner’s, but I like to think that it compares favorably with it. Earlier this year I wrote a research note titled Fear and Loathing in Las Vegas: the Hackers Turn Pro about the increasing number of vulnerabilities found in security products.

Many readers know that my day job is as a security technology analyst for Yankee Group. Well, it’s about that time of year when we start to wind down our research calendar.