Current Thoughts

It's been 9 days since my last post and I thought I would talk about some common themes that are coming up on my mind.  These are really the core focus of my posts and discussions under the overall theme of "Actually working to solve the security problem" as opposed to talking about more threat and fear.

  1. Applied Security.  Building out the blocks of a security program and going from "0-60".  I've talked a lot about some of the high level areas, such as "Culture and Communications", Need to detail out the strategic themes, roadmap, metrics and KPI's.
  2. Corruption, Technology and Crime.  Is corruption an indicator for fraud and e-crime?
  3. Theoretical Security.  This is fairly new and not a historical focus for me.  Yet, I think it's important as we are starting to mature, as an industry, to be able to consume some of these concepts.  Specifically, risk vs. uncertainty principals and have we been having the wrong conversation?
  4. Cyber Security Policy.  Walking through legislation, U.S. and International, what it means and how does it affect us.