One More Acronym and I am Going to Scream

I know I’m an IT Auditor, and we should eat acronyms for breakfast, but it seems as if the focus on “achieving compliance” has brought out the worst in us. “We’re Compliant!” has become the holy grail of corporate management, and IT has jumped on the bandwagon because they can get funding for security products that way.

Round it off with the security vendors changing their market strategy to mindlessly follow this trend and you have an endlessly generated collection of “marketspeak.” Anton Chuvakin has jumped in to promote “GRC,” Governance, Risk, and Compliance. After that he used “IT GRC,” “Unified GRC,” and who knows what vendor will jump in with another riff off of that.

The latest one? “We have to get DLP.” (Data Leak Prevention) Please. Dr. Chuvakin redeems himself on this one, calling it by it’s true name: “content monitoring and filtering.”

How about “SaaS?” Cute lettering, isn’t it? Can you say: “Thin client?” along with “cost more?” Sigh. Until we can build enterprise software that incorporates security into the development lifecycle and patch our servers yesterday, getting the next new security product is water over the dam. The real thin client/virtual desktop is something I’ve seen in action, and I think it’s a pretty nifty idea. But SaaS is death by nickels and dimes.

Using the phrase “The Cloud” for the Internet is something else I find annoying. It’s incentivizing me, if you get my drift.

And “Web 2.0.” What the heck was Web 1.0 and why do we need 2.0? We can’t even agree on what “2.0″ is.

Or “IPS.” Intrusion “Prevention” that we had to turn off because it was stopping so much legitimate traffic….yup, that was preventing intrusion all right.

I hope I’m not turning into Dvorak (the classic Internet curmudgeon), but I can certainly get cranky with all this nonsense.

Let’s hear YOUR favorites.