You are currently browsing the monthly archive for January 2015.

As you may have heard, I’ll be teaching a cybersecurity framework class around the country this year. It will be fun, educational, practical, and unique.  Im going to try to open the two day class up with a LEGO exercise and we’ll close with a day long practical workshop where we solve a problem or two with a customized integration of existing frameworks.  In between, we’ll talk about the theory of security, the theory of frameworks, and do deep dives into the ES-C2M2 and the new NIST Cybersecurity Framework (#NISTCSF).  If this sounds worthwhile – and I promise it will be to techies, executives, and in-between – check out the detailed description here and look for a class near you here.  In the mean time, as a teaser, here’s one of the diagrams I’m working on for the class. It’s a parasitic model of security that tries to communicate that security is neither about technology nor can its sustained improvement be effectively modeled in terms of “incidents”.

hackervaluechain2

Advertisements

Follow me on Twitter

My Art / Misc. Photo Stream