Upcoming Events
May
8
Thu
May
ovSAGE May Meeting: Environmental monitoring with the Raspberry Pi
May 8 @ 18:45 – 22:45

More details to come, demo and hardware will be present.

Jun
19
Thu
Jun
ovSAGE Monthly Meeting
Jun 19 @ 18:45 – 22:45

This is the generic event place marker for the calendar. It will be updated as the events get filled out and speakers are lined up.

Keep an eye on this space for details

Jul
17
Thu
Jul
ovSAGE Monthly Meeting
Jul 17 @ 18:45 – 22:45

This is the generic event place marker for the calendar. It will be updated as the events get filled out and speakers are lined up.

Keep an eye on this space for details

Interesting Links

Beautiful Security Cover

Beautiful Security is a collection of essays on security thought from a variety of industry leaders. The sixteen chapters of the book cover a surprisingly wide base of security domains making it worth reading just for the exposure to the wealth of ideas. The fact that the essays are intellectually entertaining is a bonus.

The best sections of this book are the places where some of my long held beliefs get challenged by the chapter author, particularly the issues involved with security in cloud computing. I still have a healthy skepticism for the claims of cloud service providers, but the concept that we will not get any better at securing abstracted compute environments until we start using them is correct. You do not become an expert at something until you invest a significant amount of time and practice into it, so how can we expect to secure these environments unless we use them?

Another surprise is the essay on law and infosec. This is not my first choice in reading topics but I have been exposed to other schools of thought over the years and typically enjoy them once I’ve realized that I’m ignoring useful information. This chapter is no exception. Although it is oriented towards U.S. law, the concepts and situations presented are quite interesting and do provide an alternative perspective for methodologies on rolling out a security strategy. Sometimes we forget that there is significantly more to the process than a technical solution.

In my opinion, this is a book worth reading as it generates questions about the way we approach information security. I would recommend it to anyone who wants to get a better understanding of and exposure to the thought processes that go into the information security industry.

Comments are closed.