Winning Systems & Security Practitioners 1. Introduction

1100 words, 4 1/2 minutes. Introduction “Never tell people how to do things. Tell them what to do and they will surprise you with their ingenuity." - George S. Patton If you’ve read my previous postyou’ll know that to get beneficial, long lasting, low-maintenance results in Information Security, you need winning systems. Not skills. If you like grinding monotony punctuated by periods of extreme stress and being able to tell people how busy you constantly are, you can safely return to your to-do list. »

Forget Solving The Cyber Security Skills Shortage

1100 words, 4 minutes. This post is one of a short series on structural and systemic things the Information Security industry does wrong, and what we might do about them. Disclaimer: I advocate lifelong learning, that includes professional training, product training, workshops, online or in-person courses, and academic study. The professional trainers I know who author and deliver their own material are among the most mentally agile people I’ve ever met. »

The Age Of Invisible Disasters

1400 words, 5 minutes. The Tay Bridge disaster occurred during a violent storm on 28th December 1879 when the first Tay Rail Bridge collapsed while a train was passing over it from Wormit to Dundee, killing all 70 people aboard. It is widely accepted by engineers that disasters teach us more than successes. Said another way, we don’t learn from the bridge that stays standing. After the Tay Bridge disaster there was an investigation. »

Elephant Proofing Your Web Servers

750 words, 3 minutes. The Case For Default Deny What’s free, permanently reduces your exposure to a range of potential vulnerabilities, requires no maintenance, and takes only a few minutes to implement? Most web servers are installed to serve content to unauthenticated users on the Internet. Most only have a finite list of URLs or a specific number of web apps. I’ve always thought it strange that they install in a default-permit mode. »

About me

900 words, 3 minutes. Arno Breker’s Dionysos. 1936. 20+ years as CTO, Founder, Investor, Product Manager, Consultant, Engineer & advisor to corporations, law enforcement, government, & NGOs. Cyber Security Éminence Grise. Still a work in progress. This is how I got here: From Internet Start-Up To Global Telecommunications Giant In 5 Years I started researching computer and network security in the early 1990s and began my professional career in 1995 with one of the UK’s first Internet Service Providers. »

Author image Nick Hutton on #meta,