Tuesday, 28 March 2017


If you are like me, you have read through many articles and books on leadership. Most security professionals come with a technical background that does not directly facilitate leading people. But solutions aren’t easy to find, either. Many leadership training programs seem vague to me. What about “soft skills” vs. “hard skills”, Aristotle vs. Socrates, or the “art” of leadership? What are we to make of this? We are used to meeting compliance requirements and managing risk.

Presenting a book that I think fills a gap in leadership education: The Little Book of Leadership Development, by Scott Allen and Mitchell Kusy.

Allen and Kusy offer 50 ways to bring out the leader in every employee. Yes, a checklist of 50 items! The book’s focus is on how you can develop leadership skills in the employees you manage. But, in the process of doing this, you can develop your own leadership skills!

The book is divided into five sections, each made up of one- to two-page tips on leadership. One section is devoted to you, the leader. The other four cover leadership topics you can share with your team: Skill Building, Conceptual Understanding, Personal Growth, and Feedback. I found quite a few valuable nuggets in it. Highly recommended!

Posted on 03/28/2017 1:54 PM by Fred Scholl
Friday, 24 March 2017

On my way into the office this morning, I listened to a podcast interview with a well-known SIEM vendor. I got more and more frustrated at the wheel, but did make it to the office without incident. The focus of the conversation was the plethora of log sources this vendor could ingest—system, network, endpoint—and the machine learning used to analyze the data.

This is backwards. Good security designs need to start with the CUSTOMER. Yes, the customer. Who are the specific people who want information, and what exactly do they want to see? The consumers could be audit, security operations, the CISO, security analysts, developers, etc. Any log source that none of those consumers needs is irrelevant.

This approach is just lean thinking applied to security. Lean itself has been discussed in many books; I discussed it in the context of security here. The first lean principle is "voice of the customer". SIEM tool design needs to run backwards, starting with the user interface and the questions each consumer needs answered, not with the sources of data. Another lean principle is "systems thinking": how does the product or tool under discussion fit into the larger job of protecting information? Virtually every security product discussion I am part of focuses only on that product's small piece of the assurance puzzle. I think CISOs are getting tired of this, and I hope vendors will take notice.

Posted on 03/24/2017 11:43 AM by Fred Scholl