If there’s one thing that I think causes the most conflict between security and “the business”, it’s trying to figure out how to deal with policy exceptions. Now, in some cases, organizations have this pretty well dialed out—but based on my observations, I’m not really sure they truly understand why this is the case. So […]
Why slacker security architects are the best
There’s a word that pretty-much describes most of the architects I know. Pedantic. And if you subset that list to the ones that are security architects, then I’d say that gives you something like Pedantic++. Because what we’re really taught to create as security architects are rules based on all the minor details of all […]
“Mind blowing” security architecture
Today’s been a bit hectic for me, so I’m going keep this one short. It’s inspired by a conversation I just had with someone we’ve worked with previously who reminded me that of all the stuff I’ve talked about so far, one of the the…well, many things I haven’t yet talked about that you’ll learn […]
Busting the Zero-Trust drug dealers
This “zero trust” thing is really starting to get out of hand. It’s clearly the newest security drug everyone seems to be pimping on every street corner—from vendors to advisors to the media. “Pssst….hey buddy. I know they say you can’t buy it, but…wanna fix?” The reason it’s so important to get these low-class dealers […]
The mad magic of middle-out architecture
You might remember me talking about the 3 different kinds of security architecture you’re really going to need to build – or, more correctly, discover – as part of the process I call architecture archaeology. Two of them are probably pretty-familiar to you, because we tend to use them all the time as either excuses […]
- « Previous Page
- 1
- …
- 12
- 13
- 14
- 15
- 16
- …
- 41
- Next Page »