When I was about 11 we had a next door neighbor kid named Billy. Billy was an OK kid, for a five-year-old. Sometimes I’d keep him company while his mom worked in the garden, tossing a Nerf football back and forth or running footraces where I tripped in slow motion right before the finish line so he could zip over as the victor.
It was kind of cool – I was staring down the barrel of middle school and impending young-adulthood, and it was fun to just play around and make him laugh.
But then it became a job. One day during Christmas vacation my mom said to Billy’s mom, “It’s OK, Michael can watch him while you go shopping.” To which I said something like this.
It rapidly became un-fun. Making sandwiches for the little whiner, walking to the park to push swings forever, making sure rules were followed … none of this was like tossing a Nerf or horsing around in fake footraces.
Some marketing wonk* here at Tripwire just told me I have to write more blog posts. Not, “Hey Michael, you can contribute posts whenever some topic meets your fancy” but, “You have to.”
I’ve contributed some 20-plus posts to The State of Security, and for the most part I’ve enjoyed every one. But this sounded suspiciously like “quota,” and for a moment I heard all the fun get sucked out of blogging like this.
But it could be fun. I looked over some old posts to remind me of the ones I enjoyed writing, and here are a few favorites:
- MAN-IN-THE-MIDDLE REDUX: This one is about how the CISO is emerging as the new “man-in-the-middle,” caught between infosec and corporate management
- CYBERWAR’S FOOT SOLDIERS: MOM AND POP: What the hack of a tiny book store tells us about the breadth and scope of cyberwar
- IT SECURITY, CUSTOMS, AND THE DREADED “QUAD”: A true story about losing my passport on a round-the-world flight and what it taught me about risk assessment
I also enjoyed participating in the creation of the Security Configuration Management For Dummies guide by Wiley Publishing.
This Tripwire Special Edition version shows you not only how to accomplish a wide-scale security hardening project, but how to make it stick.
This concise book provides detailed advice, industry best practices, and case studies that can help you make a case for introducing security configuration management into your infosec programs.
And best of all — it’s free from Tripwire.
These were sort of fun to research and write, and maybe some new posts will be fun. At the very least I’ll get a chance to invent some new words, like BLUDGERY.
* I can say this because a few months ago I was a marketing wonk too. But I’m better now.
Title image courtesy of ShutterStock