Following the Wh1t3 Rabbit - Practical Enterprise Security

Enterprise Security organizations often find themselves caught between the ever-changing needs of the agile business, and the ever-present, ever-evolving threats to that business. At the same time – all too often we security professionals get caught up in “shiny object syndrome” which leads us to spend poorly, allocate resources unwisely, and generally de-couple from the organization we’re chartered to defend. Knowing how to defend begins with knowing what you’ll be defending, why it is worth defending, and who you’ll be defending from… and therein lies the trick. This blog takes the issue of enterprise security head-on, challenging outdated thinking and bringing a pragmatic, business-aligned, beyond the tools perspective … so follow the Wh1t3 Rabbit and remember that tools alone don’t solve problems, strategic thinkers are the key.

Rafal (Principal, Strategic Security Services)

Displaying articles for: March 2008


  First, let me say thanks for clicking and taking a minute to read my column.  I hope to keep your attention while teaching you something you hopefully already don't know so come back often, bookmark me, or feed it into your RSS reader.

   Let me use this first article to explain the types of content you'll find in this column, and some of my thought process when choosing what to write.  My column typically includes the following:

  • High-level discussions of security topics relevant in today's world - too many times the small stories are the big news and they don't get enough coverage
  • Semi-technical pieces on important issues which you should care about - it's a shame how the message of an article can get lost in the technical details.  Not everyone reads in binary and I understand that, and write my column accordingly.
  • In-depth analysis of specific headline-grabbing issues with a not-just-for-nerds spin - We'll take deeper dives into topics which grab the headlines with technical talk, explanations, and as always the "Why you should care" section.
  • Articles relevant to the business manager, the executive, and the aspiring CISO - Have you noticed how few columns there are written in an intelligent, technical and business-relevant way that you the manager can read and understand?

  You, my readers, are always invited to reply with your opinions, thoughts, and debate.  I thik a one-sided conversation is boring so I welcome your replies.  My only request is that you keep your comments and replies professional and work-safe; this is, after all, a column you would share with your manager.

  As a final disclaimer, the thoughts, opinions, and views shared here are my own - not anyone else's.  If you don't agree - write a rebuttal.  If you don't like it, don't read it.

 Thanks, I look forward to having you as a regular!

About the Author(s)
Follow Us
Twitter Stream

Community Announcements
HP Blog

Technical Support Services Blog

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation