# Silver Bullet Talks with Christofer Hoff

Gary McGraw, Cigital

Pages: pp. 8-10

Christofer Hoff is the director of cloud and virtualizations solutions at Cisco. He has also been a chief security architect at Unisys, a chief architect, a CSO, and a CTO. Hoff has a well-trafficked blog at www.rationalsurvivability.com/blog.

#### Gary McGraw:

At RSA 2009, the number one buzz word was "cloud" and "cloud security." Pinning down cloud computing and cloud security by attending that show is kind of like trying to nail fog. So, what is cloud computing anyway?

Christofer Hoff: Well, there's fog and then there's my favorite analogy of the "goat rodeo," but I think they're both relatively accurate. It's very interesting that this question comes up so many times, and I've rehearsed the answer depending on the audience. What I've kind of arrived at is that there are two very interesting perspectives to take when answering that question: one from the providers' perspective—the vendor community, those that offer cloud services—and then one from the consumers' perspective.

From the perspective of a consumer, anything—any service, any company, any vendor, any technology that would otherwise allow them to take their content and their data and place it in the stewardship of somebody else—these days is called "cloud." So, from the consumers' perspective, that's Mobile Me, it's iTunes, it could even be the Sidekick data storage story that we saw a week ago (in terms of failure).

#### McGraw:

Isn't it data "loss-age" that they're doing?

#### Hoff:

Data loss-age, yes.

#### McGraw:

We'll lose your data forever! <laughs>