My very first post!
Who am I, and why should you read what I have to say?
The truth is, I’m likely no different from any one of hundreds of other InfoSec (or Cyber, if you prefer the sexier term) practitioners out there. I’ve been working in this field for a number of years, particularly in the US DoD arena. I’ve watched the operating and threat landscape evolve, and I’ve observed the struggles the “good guys” go through trying to keep up.
There’s a lot of things that can be said for Humanity, and unfortunately much of it is not good. We’re innately a flawed species, but we’re all we’ve got. We could do so much if we worked together, but we don’t (remember the term “flawed” – it will be a central, recurring theme). We’re tribal; we love to see things in polar perspective. It’s always easier, more comfortable to talk about “us” versus “them.” There’s a LOT of psychology in Security, from trying to determine what makes an attacker tick, to see what they’re after, to trying to get inside our users’ heads to determine the best way to get others to take the necessary effort to employ even the most rudimentary security controls and precautions.
I’ll warn you right now – my thoughts wander. I’m a student of human nature, a (very) amateur psychologist, and a Security Evangelist. I believe in social and individual responsibility. And I believe in leaving the world a better place for those who come after us. These traits (among my many others) cause me to wax poetic at times, and I know that’s not to everyone’s liking. (They also cause me a LOT of angst.) I’m not offended if you find my meanderings confusing (you should try living inside my head for a while!) But the main reason I’m writing is to provoke thought and discussion. You may not agree with what I have to say – that’s not a problem as long as we can have a respectful discussion. But if I can spark a creative dialog, maybe – just maybe – this Blog will serve a positive purpose.
One other note – if you’re looking for deep technological discussion from me, it’s not likely to happen, unless it’s in response to someone else’s thoughts. I’ve been removed from the deep technology of security for a while, and have been working more in the manager role (thus, the psycho-social focus). But I’m always interested in learning from others, so feel free to contribute your own thoughts.
As to the “why” portion mentioned above – the truth is, I don’t have a good answer to that. Maybe you’re looking for something you haven’t seen elsewhere. Maybe you like to hear someone prattle on. Maybe you’re looking for an interesting conversation, and you think you can find that here. Maybe you’re just looking, and aren’t really sure what for. Life is a journey; none of travels alone. Maybe together, we can contribute something of worth to our world. I do believe that education is key, and discussion is vital to learning – true, two-way discourse. So again, welcome; I hope this proves to be worth your time.
