Both of my small children love the Minions movies, so there’s a good chance that when they get to watch TV and have to agree on something they can watch together, it’s going to be a movie filled with little yellow people running around in goggles and overalls. And the other day when they were watching Despicable Me for probably the 3,000th time, the part I dropped in on was when Gru was trying to get his 3 adopted daughters to help him steal the shrink ray gun from his nemesis Vector, so he can complete his plan to steal the moon and demonstrate his prowess as a top super-villain who should be taken seriously.
However, Gru is a bit short of cash to actually execute the full plan, so he goes to the Bank of Evil to get a loan. If he doesn’t get the loan, he can’t execute the plan. And the single thing he needs to accomplish to impress the President of the Bank of Evil is to steal the shrink ray.
Now like all well-run organizations, Gru has his minions which do his bidding—as long as he pays them and lets them have their fun. And he has his technical genius, Dr. Nefario, who develops all the cool gadgets and machines he uses to complete his villainous acts.
The key part of the plan in question is the infiltration of Vector’s lair, where the shrink ray is held. Now, Gru knows that Vector’s not the smartest of villains, and he observed that 3 little girls were able to walk up and gain entry because they were selling cookies.
Armed with this information, Gru adopts the girls so he can use them as part of his plan, and instructs Dr. Nefario of the technical needs to carry out the heist. After Dr. Nefario begins work on his task, Gru decides to check in with him and see how things are going, given he’s keen to progress his plan and abandon the girls, who are causing quite a number of complications in his day-to-day life as a super-villain.
When he enters the lab, Gru finds Dr. Nefario excitedly ready to demo his creations. As Dr. Nefario starts the demo, loud music erupts, disco lights begin to flash, and a bit of a dance number begins.
Gru watches for a moment, and then interrupts, “Ah…question. What are these?”
“Boogie robots! Boogie!!!!” shouts a proud and elated Dr. Nefario.
Gru grabs the remote control, kills the demo and holds up a disapproving hand. He sighs, puts his hand to his head and says with more than a little disappointment, “Cookie robots. I said, cookie robots. Why? Why…are you so…old?” And walks despondently out of the room.
And I have to say, the scene still makes me chuckle. Well done Universal Pictures. Well done.
Besides being an entertaining interlude in the film, it’s a memorable way to summarize one of the key problems in security delivery—failure to deliver what the customer wanted.
Now, I know I talked about the front-end part of this process in the September issue of the newsletter, but this time, we need to talk about the whole process. Of course getting the right information from the right people is a key success criteria, and that’s why we spent a whole issue on it.
But there’s more to it than just getting the interview done. It’s how that information is conveyed to the rest of the team so they don’t end up inadvertently doing the wrong thing because they made an assumption about what a key part of the requirements actually meant.
What I’m talking about here is the end-to-end process of Requirements Engineering (RE). Now, you might be tempted to say that in Agile, there’s no place for RE.
And well, if that’s really what you think, then you just go put a new battery in your little cap with the propeller on it and move right along. Nothing else I’m going to say will make any sense to you.
In fact, RE in Agile is even more critical because there’s generally a whole lot less formality around the requirements, and as a result, there’s a whole lot more room for interpretation—even though the bites you’re taking are smaller and easier to digest.
But let’s also recognize another elephant in the room. While your organization may be doing Agile, there’s a bunch of ways that can happen, and many of them don’t turn out quite as the signatories of the Agile Manifesto would’ve intended.
And if you’re not Agile, or you haven’t yet figured out the best way to integrate security into your internal project delivery while still keeping a firm grip on the bigger picture of your enterprise security program, RE can be one of the make-or-break elements of your whole security program.
So that’s exactly why the upcoming October issue of the paid, delivered-to-your-door Security Sanity™ newsletter is going to give you the low-down on how to do RE right and how it fits in to delivering an effective security program via The Agile Security System™ that guides everything we do.
However, you’ve only got until the end of the month to make sure you get the goods on effective RE for your security program. When the issue goes to the printer at the end of the month, then that’s it. You’ll have to wait until when – and if – decide to offer back issues, and even then, depending on what ultimately ends up in it when I finish it up this week, it might not be available again for purchase even as a back-issue.
Like always, if you’re interested in practical, actionable guidance and advice on how to integrate effective RE into your security program, this is going to be for you.
If you’re the type who likes to collect knowledge like beer cans, to put on the shelf and stay full of beer you never actually drink, then save your money. This isn’t something to put on the shelf. The issues of the newsletter are intended to be torn open, devoured in one sitting, and then be put into practice the very same day.
To make sure your copy’s in your mailbox next month, go here, read the sales page carefully, and then click the big yellow button with your credit card in your hot little hand:
Stay safe,
ast
—
Andrew S. Townley
Archistry Chief Executive
