[Note that this is a slightly abbreviated version (yes, really…) of the original. The original only went to the subscribers to my daily email tips, but you can get all the goodies too if you type your email in that box. You’ll always be the first to know what’s going on, and sometimes, it might also help your bottom line. — Ed.]
Ok, so I’m hoping that I’ll at least get 50% with this email, because I have 3 announcements that I’d like to share with you.
The first one comes from feedback from people over the last 4 years as I’ve been zeroing in on what eventually became The Agile Security System™ in July. I’ve heard it from clients and customers, I’ve heard it from people at conferences and I’ve heard it from my wife:
“Why don’t you write a book?”
So…that’s what I’m going to finally do. Up to now, I’ve effectively written loads of books, but they just weren’t for general public consumption, nor were they the “right” book. That was because I hadn’t gelled it all together into something simple and accessible yet with all the power of SABSA.
And, as you’re part of the crew that gets my daily emails, you’re going to be the first to know about it—and you’ll also be the first to buy it at a pretty hefty discount. That’s mostly because I don’t want to write something I’m not sure people will actually buy. I mean, I know it’s all valid and useful, because it’s stuff I’ve now been doing for some time, but whether it’s really of interest to you or not is a whole different matter.
In fact, I’m going to be doing a lot of writing over the next few months, but the goal of this book is to provide the Definitive Guide to The Agile Security System for Security Leaders and Security Architects to integrate architecture into the way they deliver their security programs. It takes information from our newly updated flagship 7 week training course, Building Effective Security Architectures with The Agile Security System, some of the content from the newsletter and expands on some of the materials I’ve presented at COSAC over the last couple of years.
The short version of what’s in it is:
- How to get started with The Agile Security System from an annual report, a project charter or your organization’s existing security policies
- Exactly how to integrate architecture-driven security into Agile and DevOps delivery pipelines
- Detailed descriptions of the Principles, Practices and the Baseline Perspectives
- Building the right team to deliver Agile Security
- The essentials of Requirements Engineering
- The Agile Security Activity Triggers that will run your security program and architecture iterations
- How to use the system to ensure effective information and cyber risk governance
- The right way to conduct an architecture-based risk assessment
- Basic security modeling with the Archistry Security Modeling Language™ (ASML)
- And pages and pages of annotated and worked examples (by me) for each of the security architecture starting points mentioned above: the annual report, the project charter or the existing security policies
If this sounds like something that might help you, there is a catch or two:
First, I’m not sure I’m going to write it yet. To make it worthwhile, I need to get at least 10 people to pre-order the book before Halloween (31st of this month).
The second catch is that it’s a print, physical book—and it won’t be small.
The third catch is that it’s not going to be shipped until sometime in January to give me time to do this right.
The fourth catch is that it’s not going to be cheap.
If you want to make sure you’re going to get yours in the first print run, you can pre-order your copy for $247 here: https://archistry.com/go/dgpo/.
That’s basically a 50% discount, and the promise I’ll make to anyone who orders it is that they will get a copy of the book if we hit the target 10 orders, or I’ll give you your money back in November if we don’t.
There’s no sales page yet, so the link above takes you directly to the checkout page.
The Second Announcement
=====================
One of the things that’s become clear over the last several months is that there’s a desire for ad-hoc help that doesn’t quite fit any of the existing programs Archistry offers right now. So, what I’m going to do for people on this list – and ONLY for subscribers of this list – is that I’m going to start piloting a single, security problem solving offering.
[list-only content deleted. — Ed.]
The Third Announcement
===================
Unlike I usually do, I’m not going to promote the November issue of the Security Sanity™ newsletter for the rest of the month. It will be published, and it will go to anyone who signs up before the 31st of October, but I’m not going to talk much about it.
The November issue is all about Business Risk and using Business Risk to identify and predict the information and cybersecurity controls you will need in your environment.
As always, if you want it delivered to your door in November, then you can sign up here:
That’s all for now, so until next time:
Stay safe,
ast
—
Andrew S. Townley
Archistry Chief Executive
