Black Hat: Articulating the Value of Security

October 12, 2009 by ADMIN

By Steven Fox, Founder of SecureLexicon

How do we market security? The cyber-bullies among us might still use Fear, Uncertainty, and Doubt. While this may produce short-term acquiescence, that approach ultimately alienates us from the decision makers. Security professionals must instead identify what is valuable to the business and then associate the need for security with those assets.

Sun Tzu Part 5: Methods and Sound Tactics

September 1, 2009 by ADMIN

By Fred Leland, Founder of LESC

Here we focus on methods that are developed and learned based on our organizational and individual philosophy, and on how that philosophy is emboldened by strong character leadership, which in turn influences our perception and understanding of the climate on the ground and directly affects the decisions and actions we take in a given situation.

Sun Tzu Part 4: Defining True Leadership

August 19, 2009 by ADMIN

By Fred Leland, Founder of LESC

Leaders must be constantly learning and evolving to meet the changing conventional and unconventional threats we face. Leadership is the main component for ensuring a fluid decision-making cycle. Leadership must reduce friction by practicing the basic qualities Sun Tzu describes.

Black Hat: Risk and Application Security

August 17, 2009 by ADMIN

By Steven Fox, Founder of SecureLexicon

The majority of IT security spending is focused on perimeter security. These measures are reactive in nature. With the advent of Web Services and SOA, the attack surface is more exposed and is getting more complex. The more complex a system is, the easier it is to compromise. Security should be considered early in the software development process.

Sun Tzu Part 3: Understanding Your Terrain

August 12, 2009 by ADMIN

By Fred Leland, Founder of LESC

The terrain is more than the physical place; it is also the people there, their thoughts, actions and motives, as well as the other resources at your disposal and at the adversary’s disposal. All of this must be considered to be successful.

Sun Tzu: Climate and Situational Awareness

August 4, 2009 by ADMIN

By Fred Leland, Founder of LESC

Knowledge is paramount in our efforts to understand our “climate” when it comes to conflict: its causes, how it is fueled by the feeling of loss of control, and how it either unfolds progressively over time or rapidly without notice. The extremes, ups and downs of emotions spur loss of individual control and can lead to hot conflicts, dangerous encounters and unpredictable results.

Sun Tzu: Analysis and Strategic Positioning

July 29, 2009 by ADMIN

By Fred Leland, Founder of LESC

Sun Tzu’s theories are for the tactically minded professional wanting to secure every possible advantage, for the professional who wants to understand the mental, moral, and physical realms of conflict. Why? Because that’s how we win on the street.

Infosec As a Form of Asymmetric Warfare

July 11, 2009 by ADMIN

By Steven Fox, Founder of SecureLexicon

There are an amazing number of parallels between The Art of War and the information security business. In its very basic form, this means knowing your enemy: knowing how cyber vandals, miscreants, criminals, and even nation-state actors use cyber attack and cyber exploitation for their various objectives.

Sun Tzu and The Art of CIO Success

June 28, 2009 by ADMIN

By Steven Fox, Founder of SecureLexicon

The CIO is a “General”. Generals are not concerned with how the weapons function or how the rank-and-file are performing. This is the job of the lieutenants. The General focuses on the strategic application of resources on the battlefield.