A few days ago was the movie premiere of Fortify’s “The New Face of Cybercrime“. It is a twenty minute documentary on the state of cyber security. There was a ton of topics covered in twenty minutes, and I felt that because they covered so much, nothing was really explained. There was no technical information, and not much explanation of the bad effects that can happen. Toward the end of the movie there was a mention of using SQL injection to get credit card and social security numbers, but that was about it. I was surprised that they didn’t show the video of a power station turbine spinning out of control.

So who was the movie for? They said it was targeting executives to show the consequences of insecure web sites. But like I said earlier, there wasn’t that much shock value. Anurag Agarwal also wonders how the movie can be used properly.

Also, the movie does not bring a call to action. The producers then said that the movie was for creating discussion. That response didn’t settle with me too well, because if you show the video to executives, they will probably wont care because of the lack of major shock value. I suppose if the company is totally new to security, it might help with putting resources to security. Martin Mckeay also has some comments on this subject.

After the movie premiere, we were treated to drinks and yummy treats in the green room. Everyone also got the movie trailer on cdrom, and a sweet movie projector clock.

Even with all the negatives that I mentioned, Fortify did make a movie, and I think the product was what they wanted. Congrats to them, and I hope it does promote discussion and change in the cyber security world.

Update: The rest of my pictures can be found on flickr here.

Update #2: Jeremiah Grossman also blogged about the event.