Enterprise Security organizations often find themselves caught between the ever-changing needs of the agile business, and the ever-present, ever-evolving threats to that business. At the same time – all too often we security professionals get caught up in “shiny object syndrome” which leads us to spend poorly, allocate resources unwisely, and generally de-couple from the organization we’re chartered to defend. Knowing how to defend begins with knowing what you’ll be defending, why it is worth defending, and who you’ll be defending from… and therein lies the trick. This blog takes the issue of enterprise security head-on, challenging outdated thinking and bringing a pragmatic, business-aligned, beyond the tools perspective … so follow the Wh1t3 Rabbit and remember that tools alone don’t solve problems, strategic thinkers are the key.
Rafal (Principal, Strategic Security Services)
If you're a monstrous Monty Python fan like I am, you'll recognize that line. You're probably also expecting to see John Cleese in a bikini ...sorry to disappoint. At any rate, I thought I would give you, my readers, some warning on what will be happening here on the blog as things evolve over the next few weeks, and what to expect different.
First - stop what you're doing and click that "Subscribe" button on the top-right corner of this page. Even if the blog URL changes (I have no control over this... sorry) the RSS feed is always updated first. Please do this just in case...
Next, in case your cave doesn't get Internet, HP is putting serious focus on security. That's a good thing, given that the person writing this blog is a little bit passionate about security What does that mean? Stay tuned. I can tell you that from the CEO down we're thinking up of truly innovative ways to think, build and execute on the concepts of security and risk management... in complex environments just like yours. This means more thinking, and certainly more expansive coverage of the topic of security here on the FtWR blog! The Wh1t3 Rabbit will continue to focus on applications - but now I get to add a little bit of flare from the rest of the enterprise security gadgetry. I feel privileged to work alongside people like Will Gragido, Brian Chess and all the other folks who have tons of knowledge to share. Look for guest-posts from some of the big hitters here too!
So - all around good stuff happening here! Now is the perfect time to follow me on Twitter (also a link in the top-right of this page), put a permanent hashtag search into Twitter for #SecBiz (If you don't know what that's all about, check here), and stick around. This is about to get fun.
Cheers - more soon!