After reading through my last 3 blogs I realized that something needs to be clarified. Even though surveying and interviewing humans is required in order to create successful security architecture it’s HARD! There are so many things that influence answers, cause people to tense up and shut down, or just not understand what your questions are asking. In fact making a survey is so involved that I had to take a 4-month graduate level course on it before they would …

Read more »

I recently came across the following article on Digg titled “This Insane Image Shows How Many Planes Are In the Air Right Now For Thanksgiving” in which the author states that a ‘helluva’ lot of people are in planes the day before Thanksgiving. Normally I would look at that picture and go “wow” but two things caused me to take pause. First, I wondered what that picture looked like on a normal day? Second, I know a pilot really well …

Read more »

There’s a common theme among the last couple of posts on here: first, I ranted about SANS new Securing the Human program, and then Josh got all ranty about Forrester’s “Zero Trust Model”.   Here’s the thing – my biggest frustration with both of these “innovations” in our industry is that they’re nothing new.  Both SANS and Forrester are reinventing the wheel and running around claiming it to be something new. To wit – let’s take a quick Back-to-the-Future gander …

Read more »