[Note that this is a slightly abbreviated version (yes, really…) of the original. The original only went to the subscribers to my daily email tips, but you can get all the goodies too if you type your email in that box. You’ll always be the first to know what’s going on, and sometimes, it might […]
Hell, no! I don’t care about your security policies!
Ever get the feeling that this is really what your business and IT customers are saying to you whenever you’re sitting in that last-minute security review and you catch them in violation of the security policies you know have been published for at least 6 months—and which they’ve had to go through (probably mind-numbing) mandatory […]
Is it worth it?
I was recently asked when I was talking to someone about the newsletter you hear about most days whether it was really worth it or not. The reality is that I can’t answer that question for you. You have to make your own value calculation, and then you have to decide if about $3/day is […]
Eating your security requirements
Ok, I get it. The whole concept of Security Requirements Engineering might be just like that old Life cereal commercial I grew up with. You might remember, if you’re old like me, but there’s these two brothers, and they have a bowl of cereal. One says to the other, “What’s that?” The other looks at […]
Johnny and the Mothers are playin Stompin’ at the Savoy in Vermont tonight
One movie that’s stuck with me since I was a kid was Johnny Dangerously. It’s so silly it’s still funny—especially the “C’mon shelf paper!” car chase scene…but that’s fodder for another email. If you’ve seen the movie, you might remember that a critical point was when Vermin, the aptly named villain of the story, discovers […]
