OK, this really belongs on my security blog (see http://www.oreillynet.com/pub/au/1207), but its more of a rant than analysis, so here it goes.
Every time I see stuff like this (http://www.csoonline.com/read/120105/infosec.html), I wonder: just how much is this security industry is driven by fashion and personality and not by ROI, risk assessment, what have you???
Here is the blurb:
"IN: Intrusion “prevention” systems
OUT: Intrusion detection. Because wouldn’t you rather prevent the intrusion in the first place?
IN: Bots (remotely controlled worms). Armies of them. (See How to Tell If You Have Bots.)
OUT: Website defacements. One speaker called the idea “quaint.”
IN: “Designer worms,” made just for your company and likely to end up on your balance sheet.
OUT: Massive worms, targeted at everyone and likely to end up on CNN."
So, just try telling that defacements are "quaint" to someone whose site just got defaced... Further, "massive worms are OUT", does it mean I should just threw my antivirus off? :-)