

Bruce Schneier Joins Startup Co3 Systems - sc90
http://threatpost.com/bruce-schneier-joins-startup-co3-systems/103429

======
tptacek
This is pretty inside-baseball stuff. Co3 is an enterprise security product,
meaning that very few people on HN will ever see it, let alone buy it. And
it's in incident response (tools that allow people to follow up on breakins),
which is the second-least sexy part of enterprise security.

I suppose it's good to bear in mind that Schneier now has a dog in the race
any time he writes about incident response. But then, he had one about managed
security services while he worked at Counterpane and BT. It didn't seem to
impact his writing much.

As far as I know, Schneier remains a fellow at Berkman at Harvard, which is
presumably where most of the stuff he does that is actually interesting will
be done.

(I worked with and very much some other people on the management team at Co3
in a previous life; I've got nothing bad to say about it, just some
perspective.)

~~~
notdarkyet
Naive question, but common our enterprise break-ins where a company would need
a tool devoted entirely to it?

~~~
MacsHeadroom
That depends on the industry and company size, and also on your definition of
a breach.

45% of all retail companies DETECTED at least one serious information systems
breach in 2013. (Many more would have experienced a breach without knowing.)

According to Trustwave's 2013 Global Security Report, the top 5 most breached
industries are 1. Retail 2. Food & Beverage 3. Hospitality 4. Financial
Services and 5 Non-Profits, followed by High-Tech.

The Trustwave report doesn't break things down by company size. But you can be
sure that large retail companies (Macy's, GoDaddy, Microsoft, Goodyear, Betty
Crocker, etc) have many many incident response teams who follow up on multiple
incidents each day. Most aren't serious, of course. But they all need to be
handled thoroughly because one mishandled serious breach is all it takes to
cost a company as much as hundreds of millions of dollars in damages.

A quick LinkedIn search shows 150,000 people working in incident response
positions in the U.S. A good bit of those work for incident response service
providers like Mandiant [https://www.mandiant.com/services/incident-
response/](https://www.mandiant.com/services/incident-response/) Most
companies under ~300 employees aren't going to have in-house IR teams (many do
though). They'll hire companies like Mandiant to respond to serious incidents
while letting insurance handle the less serious incidents.

------
raldi
A questionable name for a company. Even this article can't keep straight
whether it's CO3 or C03.

~~~
smackfu
It's actually Co3. Given that, I don't know why that name (and I spent way too
much time looking.)

------
strict9
While I agree with his viewpoints, I just can't take a security professional
(or CTO) seriously who uses Windows as their primary machine.

~~~
casca
Can you please explain why? Is there some evidence you have that shows that
Windows is less secure than any other OS? Please take into account the huge
market share which means that malware writers will spend a disproportionate
amount of time developing for Microsoft systems. Also, people who run other
Operating Systems tend to be more technically skilled than people using
Windows.

This is not to excuse Microsoft, they could certainly do better. But so could
Apple and Debian.

~~~
strict9
My remark was certainly flippant. It was a gut reaction to statements he's
made about a Linux machine as the best bet (see his interview with VICE), but
yet he still primarily uses Windows.

I think there's a lot to be said for those who practice what they preach
rather than sticking with a lesser option out of convenience.

~~~
casca
Perhaps he's more skilled at Windows than at Linux? In which case, if he were
to switch to a platform that's unfamiliar, he would be more likely to make an
error that would lead him to being vulnerable.

I'd suggest that by using a platform that he knows how to make secure rather
than one he's unfamiliar with, he is acting in the best way to ensure the
security of his device.

