Perhaps you've heard the old information security gag: "if you're a diver, you don't have to swim faster than the shark, just faster than your buddy." It's sometimes good for a chuckle and suggests that we should merely aspire to implement enough security to make us a less attractive target than our peers. Nowadays the joke is a little stale, because as Josh Corman points out in his recent TEDx talk*, sometimes the shark has a buddy too. As risks proliferate and as the bad guys of all kinds get better (badder?) at what they do, "good enough" security hasn't been remotely good enough for years. So I was particularly glad to have the opportunity to gather with some of our best and brightest customers this weekend at our second annual Customer Advisory Board meeting for a frank discussion about how we're all doing before we headed down to San Francisco for the annual RSA Conference.