Security and the Unforeseen Use Case

Copyright © What The Hell? Security
Paul Vixie, venerable champion of DNS, writes a brilliant piece titled What DNS Is Not.
Vixie understands what most people don’t, or if they do, they’re too damn quiet about it. When you take a solution to one problem, and apply it against a different problem, you can create a [...]

Why We Need Fewer Security Engineers

Copyright © 2010 What The Hell? Security?
Don’t get me wrong. I love security engineers. Some of my best friends are, or used to be, security engineers. Hell, I used to be one myself.
But we’ve gotten to the point where we have way to many of ‘em. They’re practically crawling out of the woodwork relative to [...]

there are no intractable security problems

Copyright © 2010 What The Hell? Security
Do intractable security problems exist?  Give me a break.
In applicability to business I mean.  Think you found one?  Tells me you don’t grok the problem you’re trying to solve.  Tells me your business requirements — you do have business requirements, right? — just ain’t crisp enough.
Got any intractable [...]

What The Hell? 8 Skills of the Hellacious CISO

Copyright © 2009 What The Hell? Security
CISOs, let’s face it, are a dry breed.  But some really know how to raise hell.  In a good way.  Here are eight skills to, ahem, emulate.
1. Abate – The bad rep security has among people who like to deliver projects on time.
2. Automate – In-house.  Because some problems, [...]