May 20, 2020 Far too many people approach security architecture like Fred Flintstone—that is, if they worry about proper security architecture at all. Mind you, I’m not talking about this here new-fangled, live-action fiddle-dee-dee that most people might think of. I’m talking about the one I grew up with, in the real caveman days. The […]
Goin’ back to Sec…hmm, I don’t think so
May 19, 2020 I had a couple of conversations over the last few of days that I’ve been turning over in my mind, and suddenly, to my surprise, some 1989 L.L. Cool J lyrics popped into my head. And yes, before the question forms on your lips, Walking with a Panther is in my music […]
Breaking through the “domain” barrier with security architecture
May 18, 2020 Let’s get straight to the point: if you approach security with a “domain” mindset, then you’re never actually going to be successful in protecting your organization—nor will you ever, not in a million-billion years, be able to demonstrate you’re actually helping them get things done they want to do. And, those quotes […]
But I’m never going to use it
Said lots of people, possibly with a lot of certifications after their name—or at least a drawer full of “Certificates of Completion” from various courses and programs. Back when I was talking about the 7 Deadly Sins of Security Architecture for the March issue of the Security Sanity™ print newsletter, one of the sins was […]
The real difference between architecture and engineering
I know it probably shouldn’t, but it still blows me away how many people don’t really get the difference between engineering and architecture—especially in security. A good while ago now, I happened on an infosec conversation in the twitterverse talking about the composition of the ideal security team. And, of course, there were SOC people, […]
