A short note on a regional event in Birmingham last weekend. The first of my planned 2003 conferences.
The content was mostly about SQL Slammer and its aftermath. Several practitioners had detailed accounts of the impact at their organisations; the data was richer than what is publicly reported.
What I am taking from it
The Slammer impact was larger than the press reported. Several specific organisations had multi-day disruption that did not become public. The aggregate cost is substantially higher than the public estimates.
The patching gap is structural. The Slammer-vulnerable population had been static for six months. The patching mechanism is not reaching the long tail of operators.
Defenders are tired. The burnout I wrote about continues to be visible. The Slammer incident was particularly draining for many operators.
More as the year develops.