March 2013 Archives

Bruce Schneier would have us believe that security awareness training is pointless. People have inadequate incentive to change, and thus why waste the time, money, or energy? And, to a degree, he is certainly correct. The old-fashioned once-per-year computer-based training modules to which many (if not all) of us have been subjected are, in fact, completely worthless. After all, these training modules are a mere blip on the radar of one's life, with no foundation in reality, and making no meaningless impact on how we conduct our jobs.

However, that is not the state of practice in the industry. Or, more specifically, it's not the leading edge state of practice. Moreover, his comments ignore much that we know about approaches, learning styles, incentives, etc., based on research from the past few years.

Thoughts On RSA US 2013...

Well well well... what a week! Sadly, I didn't make a single session (other than my own) due to poor time awareness (several times I realized I had just missed the session I'd been planning to see, derailing myself by being chatty... go figure!). Overall, this was one of the best RSA conferences I can recall over the last few years. I mean, it ended with Hugh interviewing Billy Beane... how could it be much better? :)

For everyone I saw in San Francisco last week - it was great seeing you! For those I missed... dreadfully sorry, and I hope we catch-up at any of the many other events I'll be at later this year (e.g., Secure360, RMISC, MISTI "Big Data Security" conference). It has been a busy year thus far, and the pace will not be lessening anytime soon. Wheeeeeeeeee! ;)

I had the opportunity during RSA 2013 to interview Gen. Harry Raduege (ret.), who is currently Chairman for The Deloitte Center for Cyber Innovation. His full bio is available at the link provided. Among his many accomplishments, he was the longest-serving director of the Defense Information Systems Agency (DISA), including overseeing the restoration of ICT at the Pentagon in the wake of the 9/11 terrorist attacks.

About this Archive

This page is an archive of entries from March 2013 listed from newest to oldest.

February 2013 is the previous archive.

June 2013 is the next archive.

Find recent content on the main index or look in the archives to find all content.

Monthly Archives


  • about
Powered by Movable Type 6.3.7