Rearranging Deckchairs

In this week’s Crux we see cooling public markets, corporate layoffs, and skittish VCs, but also good news for infosec which continues to be a growth industry because it’s a neverending binfire.

And I give you some tips on briefing an analyst. Specifically: me.

Things to note

An enterprising young lad was arrested for selling a billion or so worth of fake Cisco hardware. It was mostly old gear fraudulently made to look like new gear. Apparently it took people a little while to notice, which Cisco might like to think about.

The Information has a story about Oracle thinking of sacking a bunch of people, mostly in marketing, to save about USD$1 billion. Easy when people on TikTok are doing lots of marketing for free, I guess.

Taking the adventure out of venture capital, Andreesen Horowitz, Thrive Capital, GGC Capital have all decided to buy stock in public companies instead of using the money to invest in startups. I wonder how their $2.2 billion crypto fund is going?

Google is trying to head off antitrust actions by moving parts of its ad-tech business into a different part of itself. I assume this will function similarly to a multi-national moving money to a different part of itself to avoid tax, i.e. extremely well.

Samsung is having a bumper year with lots of server memory sales. Developers celebrated by creating another environment with a full copy of production data.

The FBI and MI5 have issued a joint warning about China’s penchant for industrial espionage. The cybersecurity industry rejoiced and plan to spend all the new funding they’ll get on buying another tool they won’t use.

Microsoft also decided to help by rolling back their decision to block macros by default. It’s something that Microsoft has failed to do for years, so who cares if they fail to do it some more? @SwiftOnSecurity reckons this is a 12-dimensional chess move by Microsoft, which is a level of cynical I aspire to reach.

The EU has passed a couple of major new laws to regulate big tech but it’ll need to actually be enforced. The various national governments of the EU are quite happy to break EU law themselves so I guess we’ll have to wait and see.

I don’t usually cover end-user computing things but Apple adding Lockdown mode is very interesting because so many enterprise tech people have iPhones.

Longer reads

PaloAlto Networks has a really interesting writeup of a red-teaming and adversarial attack simulation tool called Brute Ratel C4(BRc4). BRc4 is similar to the better known Cobalt Strike, but isn’t detected as well by existing tools.

Weekly tip

I take a lot of briefings, and I am always looking to answer two key questions:

• If I give you money, what’s in the box that I just bought?
• What are you optimised for, and what are you not appropriate for?

The first question is to clarify what, exactly, the thing is. It’s easy to describe yourself as a platform, or a SaaS, or some other generic category thing, but I need to know what the actual product or service is.

Anyone who struggles to clearly articulate—in concrete, plain language—what you get if a customer gives you money doesn’t really understand what they’re selling and why anyone should care. Everything will struggle from this lack of clarity.

Then I want to know what choices have been made in building this thing. If someone attempts to say that it’s good for everyone, then I am immediately turned off. Firstly, this is unlikely, and secondly water is good for everyone and yet we still have a variety of optimised versions of it (still or sparkling? Bottled or tap? Flavoured or plain? etc.)

If you’re more specialised than water, then you have made choices about what you will do and what you won’t. You have to say no to things in order to optimise, and I want to know more about those choices. Knowing what you are not is just as important as knowing what you are, and I would argue it’s often easier to decide what not to do. As I said last week, quickly ruling a bunch of things out helps you focus.

As always, if you need help with this process, that’s what PivotNine is for.