February 13th, 2014 by John
I just wrapped up a great podcast with the Security Advisor Alliance, moderated by Neil Thacker. This neat idea for an organization is something that Jason Clark (CSO/Accuvant) brought to me two years ago, when he was at Websense, and I am really happy to see it coming to fruition.
The Security Advisor Alliance is a coalition of a couple dozen experienced CISOs, who are willing to donate some of their personal time each month to advise and give back to the security community. It’s a great idea and so if you attend RSA Conference, look for me or find Jason Clark and ask about how you can get involved! Read More
Posted in Blog
February 13th, 2014 by John
I am very glad to be moderating another great risk management and metrics panel for the third year in a row, at RSA Conference! The panel is a continuation of the great work we did at last year’s RSA Conference, where we had an encore because of the overflow from the first time slot.
The panelists are: Alex Hutton, Jack Jones, David Mortman and Caroline Wong. What a great line-up of experts to have. Read More
Posted in Blog
February 13th, 2014 by John
I am excited to be speaking with Jason Clark (CISO/Accuvant) at RSA Conference next week. Our talk is titled, “Castles in the Cloud: Data Protection in the Consumer Age”. You can listen to our podcast here: http://t.co/FEpxu3RqI0.
Join us at 10:40AM on Wednesday, February 26 at RSA Conference! Read More
Posted in Blog
February 13th, 2014 by John
I have a webinar on Thursday, February 13 at 1PM EST on the topic of Insider Threat. The webinar is with Bob West, CSO at IntelligentID, and is sponsored by Luxoft.
http://t.co/uHtYYEVoXv
Posted in Blog
January 31st, 2014 by John
I wanted to share an article that came in my faculty email today. This is a great reminder of what we should aspire to be as teachers. [Source: The Teaching Professor Blog]
- Good learners are curious – They wonder about all sorts of things, often about things way beyond their areas of expertise. They love the discovery part of learning. Finding out about something they didn’t know satisfies them for the moment, but their curiosity is addictive.
- Good learners pursue understanding diligently – A few things may come easily to learners but most knowledge arrives after effort, and good learners are willing to put in the time. They search out information—sometimes aspiring to find out everything that is known about something. They read, analyze, and evaluate the information they’ve found. They talk with others, read more, study more, and carry around what they don’t understand; thinking about it before they go to sleep, at the gym, on the way to work, and sometimes when they should be listening to others. Good learners are persistent. They don’t give up easily.
- Good learners recognize that a lot of learning isn’t fun – That doesn’t change how much they love learning. When understanding finally comes, when they get it, when all the pieces fit together, that is one special thrill. But the journey to understanding generally isn’t all that exciting. Some learning tasks require boring repetition; others a mind-numbing attention to detail; still others periods of intense mental focus. Backs hurt, bottoms get tired, the clutter on the desk expands, the coffee tastes stale—no, most learning isn’t fun.
- Failure frightens good learners, but they know it’s beneficial – It’s a part of learning that offers special opportunities that aren’t there when success comes quickly and without failure. In the presence of repeated failure and seeming futility, good learners carry on, confident that they’ll figure it out. When faced with a motor that resists repair, my live-in mechanic announces he has yet to meet a motor that can’t be fixed. Sometimes it ends up looking like a grudge match, man against the machine, with the man undeterred by how many different fixes don’t work. He’s frustrated but determined to find the one that will, all the while learning from those that don’t.
- Good learners make knowledge their own – This is about making the new knowledge fit with what the learner already knows, not making it mean whatever the learner wants. Good learners change their knowledge structures in order to accommodate what they are learning. They use the new knowledge to tear down what’s poorly constructed, to finish what’s only partially built, and to create new additions. In the process, they build a bigger and better knowledge structure. It’s not enough to just take in new knowledge. It has to make sense, to connect in meaningful ways with what the learner already knows.
- Good learners never run out of questions – There’s always more to know. Good learners are never satisfied with how much they know about anything. They are pulled around by questions—the ones they still can’t answer, or can only answer part way, or the ones without very good answers. Those questions follow them around like day follows night with the answer bringing daylight but the next question revealing the darkness.
- Good learners share what they’ve learned – Knowledge is inert. Unless it’s passed on, knowledge is lost. Good learners are teachers committed to sharing with others what they’ve learned. They write about it, and talk about it. Good learners can explain what they know in ways that make sense to others. They aren’t trapped by specialized language. They can translate, paraphrase, and find examples that make what they know meaningful to other learners. They are connected to the knowledge passed on to them and committed to leaving what they’ve learned with others.
Good teachers model this kind of learning for their students, which makes me believe that “good learner” belongs on those lists of good teacher characteristics.
Posted in Blog
Check out this interesting 12 minute video where Lisa Phifer gives 5 common sense steps for approaching enterprise BYOD. I think she does a good job of giving advice on how to start down this road.
As she says, just banning personal devices won’t work as we continue to accelerate down the consumerization of IT path that we all seem to be on. I think we will very quickly see consumers, and especially Millennials, who are quite able and desire to do all their work on mobile devices. Combine that with more enterprises moving to cloud services, and you see that traditional thinking won’t serve us anymore. Between device-centric (MDM), network-centric (segmentation) and data-centric (sandboxed apps and VDI) approaches, there is something for everyone. You need to determine what works for your enterprise, and even if it isn’t a perfect solution, take a Risk Management approach and start with the greatest risk. Read More
Posted in Blog
I wanted to wrap up the IQPC IT Security Exchange that I attended this week in St. Pete, Florida. This was a good solid conference, covering trends and technologies. There were about three dozen security executives from all industries, and most of the talks were given by CISOs, regarding the topics that we are all concerned about: Big Data, BYOD, Cloud, CoIT, Breaches, Threat Intelligence… There were about 6-10 vendors sponsoring the event, and most of them were ones I had not been aware of. This is the kind of event where costs are kept low and you spend 2 days of discussing security with peers, over three days.
I gave my talk, Big Data: Big Brother or Big Deal? on Sunday. Find links below to the presentation. Read More
Posted in Blog
February 22nd, 2013 by John
I will be joining a panel over lunch this coming Wednesday, February 27th, at LuLu Restaurant in San Francisco for a Trainer Communications event, “Security Never Sleeps”. Please consider joining us!
Enjoy lunch while listening to a panel discussion and Q&A with the CSO of Sallie Mae, CPO of McAfee, business technology reporter Scott McGrew from NBC-TV and analyst Derek Brink of Aberdeen Group. Learn how to make your messages resonate with each of these audiences, and learn what doesn’t work and what has changed.
Posted in Blog