One of the scenes in the original Shrek that I find rolling around my head on a semi-regular basis is where Donkey and Shrek are walking through the Sunflower fields, and Donkey’s trying to understand why Shrek would go fight the dragon and rescue a princess just to make someone happy.
…I mean, he’s an ogre after all, right?
So Donkey looks at him at one point and says, “I don’t get it, Shrek. Why don’t you just go pull some o’ dat Ogre stuff on him. Ya know, throttle him! Lay siege to his fortress! Grind his bones ta make yer bread…ya know, the whole ogre trip?”
After some amusingly gruesome suggestions as to what he could’ve done, Shrek looks at Donkey and says, “For your information, there’s a lot more to ogres than people think.”
“Example?” Donkey questions.
Shrek thinks a minute, then replies, “Example? Um….ok, ogres are like onions!”
Donkey sniffs the onion Shrek is offering as evidence, and asks, “They stink?”
“No!” Shrek shouts, and then waits while Donkey runs through some other amusing and alternative rationales before Shrek finally shouts, “Layers!”
“Onions have layers. Ogres have layers,” Shrek explains. “Do you get it? We both have layers!” and he throws the onion into the dirt and storms off.
“Oooohhhhh….ya both have laayyyeeerrrs. Oh,” Donkey replies, sniffing the onion. “Ya know, not everybody likes onions….Cake!!”
Still makes me laugh.
Onions. Cake. Parfaits.
…and irrespective of whether parfaits actually ARE the most delicious thing on the whole damn planet or not…
It kinda seems there’s a lot of security teams out there that didn’t get the memo.
Layers are everywhere. And yet, somehow…and quite surprisingly…
…they’re missing from a whole helluva lot of security programs I’ve seen.
No layers in our policies. Nope. Not here.
No (or not enough) layers in our architecture. What? We got BOTH kinds o’ architecture, Dawg. Logical AND Physical. What the hell’s yo problem, anyway?
No layers in…well, damn near anything.
And yet…layers are one of the most useful and critical things in architecture of any kind.
Layers help us isolate rates of change.
Layers help us tame the complexity beast.
Layers help us step back from the edge of being swept into the abyss of the Detail Junkie.
But then again, nobody really understands the critical role of architecture to underpin the entirety of everything.
Yeah, one mo’ time fo’ th’ hearin’ impared:
I said EVERYTHING…[ing…ing….ing….ing…]
…that the security team should be doing can be done better, faster, cleaner, more effectively, more efficiently and for less cost…
IF it’s based on an architecture that everyone agrees and understands.
Because, right there on page 19 of the August Security Sanity newsletter, I talk about exactly what the purpose of security architecture should be.
And you can’t fulfill the true purpose of security architecture if you don’t know how to manage complexity…
…if you don’t know how to isolate layers of change (which by the way gets some pretty deep coverage on page 22 to page 27).
But hey, that’s ok.
If you don’t think you want some stinky ogre aspects all over your bright, shiny and 1,000,000% standards-compliant, certified, guaranteed and government-approved security program…
Hey, that’s cool.
You just go right ahead and open wide…
…because that there elephant a runnin’ at you full-tilt, clockin’ 25 whole miles-per-hour on da radar gun, is gonna be a big bite to swallow.
Or, in case you don’t want to end up flatter than a pancake under the very heavy foot of a bull elephant, you could always figure out the best way to manage the complexity of both your organization…
…and your security work…
…by reading, well…it’s kinda spread across the whole damn issue, really.
Because that’s the problem you need to solve.
You need to find a way to manage the complexity that sucks the life out of you and your team every day that, in the vast majority of my personal experience, just isn’t under control.
That’s the secret.
And if you want to know how to actually do it…
…because there’s more to it than layers…shhhhhhhhh…..
…and you’ll still get some stinky ogre, cake and parfait based security all at the same time,
Well, just go subscribe. It’s all right here. And I’m serious when I say you can literally transform your security architecture and the way you communicate with the executives and the Board in as little as a week.
Yeah. I said a week.
But only if you actually apply what’s in the August issue.
So tick-tock. Only 5 days left, then it’s gone forever.
And I can tell you, I’m already working on the next iteration, and this is the cheapest you’ll ever get it. It’s that important, and, dare I say it…it’s that good.
So do, or don’t.
Just decide. That’s all I’m asking. If you want in, now is the best time ever to subscribe.
If you miss it, don’t come complaining to me. You’ve had plenty of time.
The key to unlocking all the onions, ogres, and parfaits you’d ever want (or could eat) are all right here:
And you KNOW it’s always better to get on the train early than later. I’m only getting started, and this ol’ train ain’t NEVA gonna stop!
Stay safe,
ast
—
Andrew S. Townley
Archistry Chief Executive
P.S. Here’s something you can do if you liked today’s post: you can sign up for those daily emails that annoying pop-up keeps asking you about. Or, if you want to know more about what you’re going to get if you do and how it works, then just go knock on the front door: https://archistry.com and you’ll get the whole deal.
Or…you can just keep reading the blog, or ignore me and Archistry all together. I’m good either way.
