Alright, alright. This feels a bit strange. But I’m collecting my folksy sayings on cybersecurity leadership and design in one place. I’ll update this over time.
- Good security is usable security.
- Good security gets out of the way of users while getting in the way of adversaries.
- Good security frustrates attackers not users.
- Good security first delivers a business outcome and then, as a result, increases security.
- Good security supports changing maturity.
- Good security projects leave people hungry to play again
- Ownership is not a security control.
- Security is not what we control, it is what they do.
Defense and Offense
- When work looks like work, work gets done.
- Risk isn’t the language of the business. Story is.
- Security happens where mankind meets machine.
- The more constraints placed on users, the more creative they become.
- All a better mousetrap does is breed better mice.
- Four ways CISOs can move enterprise security into the new normal (September 2020)
- A pre-mortem on Zero Trust (May 2023)
- Investments in cybersecurity initiatives (August 2023)
Always remember friends: The Cyber War will not be won with platitudes.
— WolfPosted by