This weekend, as you do after 5 weeks of the whole family under one roof, my wife decided that it was time to clean out the garage. And, apart from needing to do a bit of real-world architecture archaeology on my son’s disassembled Hot Wheels garage to get it back together correctly, things generally went pretty well.
And, by “pretty well”, I mean I was able to mostly stay far, far away from this project.
But, today, as the final toys were being organized so there was actually a new play area for the kids come rain or shine since we’re heading into winter shortly, my daughter had hit her limit of patience to help. And her definition of “helping” turned into basically throwing her brother’s Hot Wheels cars into the garage from the middle of the driveway.
My son, rather expectedly, was getting a bit upset. Shouting at his sister to stop doing that.
However, I reminded him that if he’d picked up his own cars the 6 times his mother and I had already asked him, they wouldn’t be still sitting in the middle of the driveway as a tempting target for a toddler.
“Ohhhhh. Now I see, Papa,” was his reply, as he finally raced around getting his cars before his sister grabbed them.
It’s no different in security. Sometimes, the things we really don’t want to happen are relatively easy to prevent…
…but we first have to see the full picture.
And, given everything we face as security professionals every day – and the fact that there’s often a huge divide between the “architecture”, “engineering” and “operations” teams (and, no, this isn’t the time to start talking about Dev[Sec]Ops. We can argue about that one later).
That divide, plus the fact that we often don’t have any good way to organize and really examine the tacit knowledge that’s often only in the heads of the people on our team…
…can prevent us from seeing – and quickly solving – the easy ones, because, from where we sit, they all pretty-much look the same, given the 5 seconds we steal to actually look at them.
How do you see that full picture?
Well, the only way I’ve ever found in 25 years of professional experience solving real-world problems involving people, processes and technology is that you need to have an architecture. But not just any kind of an architecture.
A *usable* archtiecture.
One that isn’t imprisoned within hundreds pages of documentation and locked in a drawer or sitting on an open shelf, collecting decades of dust.
It needs to be available and accessible. It needs to be actionable…
…and it probably needs YOU to build it.
While it’s not always easy to figure out the best way to do it, that doesn’t mean that it isn’t straightforward once you have. And after all the time I’ve spent doing it – including 14 years of hard time in the SABSA salt mines – I truly believe that that best way is to use the 7 principles, 14 practices and 3 Baseline Perspectives™ of The Agile Security System™.
With it, you can easily build that “big picture” to identify and classify the hard vs. the easy problems and make conscious decisions about which ones to solve in what order. Because in addition to being able to classify them, you’ve also got a pretty good way to prioritize them based on their relative importance and risk impact.
Maybe this sounds too good to be true. But as you work through the 7 weeks of material in the Building Effective Security Architectures program, you’ll quickly see how seemingly little things – sometimes even as simple as the security equivalent of picking up your own toys before your sister tries to break them – can make a big difference…
…to your own sanity and effectiveness…
…to the credibility and trust of your team within your organization…
…and your overall ability to demonstrate the way you protect and enable the business.
Right now the registration is open for the July cohort of the program, and, if you register before the stoke of midnight tonight – around 9 hours from now – you can learn how to be a better security architect for $2,000 less than the people who wait until the regular registration rolls around.
Only you can decide if it’s right for you. And if you do, here’s the link you’ll need:
Andrew S. Townley
Archistry Chief Executive