Upcoming Events
Dec
15
Mon
2014
19:00 December Meeting 2014: Annual So...
December Meeting 2014: Annual So...
Dec 15 @ 19:00 – 22:30
This month will be our annual social. Note that we will be having the event on a Monday night. The venue has been selected and Kelly is handling the meal selection. Expect an email from[...]
Jan
15
Thu
2015
18:45 January Meeting 2015: Puppet Talk
January Meeting 2015: Puppet Talk
Jan 15 @ 18:45 – 20:45
Details to follow, probably in December.

View Calendar

Interesting Links

Beautiful Security Cover

Beautiful Security is a collection of essays on security thought from a variety of industry leaders. The sixteen chapters of the book cover a surprisingly wide base of security domains making it worth reading just for the exposure to the wealth of ideas. The fact that the essays are intellectually entertaining is a bonus.

The best sections of this book are the places where some of my long held beliefs get challenged by the chapter author, particularly the issues involved with security in cloud computing. I still have a healthy skepticism for the claims of cloud service providers, but the concept that we will not get any better at securing abstracted compute environments until we start using them is correct. You do not become an expert at something until you invest a significant amount of time and practice into it, so how can we expect to secure these environments unless we use them?

Another surprise is the essay on law and infosec. This is not my first choice in reading topics but I have been exposed to other schools of thought over the years and typically enjoy them once I’ve realized that I’m ignoring useful information. This chapter is no exception. Although it is oriented towards U.S. law, the concepts and situations presented are quite interesting and do provide an alternative perspective for methodologies on rolling out a security strategy. Sometimes we forget that there is significantly more to the process than a technical solution.

In my opinion, this is a book worth reading as it generates questions about the way we approach information security. I would recommend it to anyone who wants to get a better understanding of and exposure to the thought processes that go into the information security industry.

Comments are closed.