Post thumbnail
When Andrew and I wrote The New School, and talked about the need to learn from other professions, we didn’t mean for doctors to learn from ‘cybersecurity thought leaders’ about hiding their problems: …Only one organism grew back. C. auris. It was spreading, but word of it was not. The hospital, a specialty lung and…
Read More ‘No need’ to tell the public(?!?)
Post thumbnail
Eric Ries wrote the excellent book Lean Startup. In a recent interview with Firstround, he talks about how to integrate gatekeeping functions into a lean business. There is a tremendous amount of wisdom in there, and almost all of it applies to security. The core is that the gatekeeper has compassion for the work and…
Read More Ries on GatekeepersOne of the themes of The New School of Information Security is how other fields learn from their experiences, and how information security’s culture of hiding our incidents prevents us from learning. Today I found yet another field where they are looking to learn from previous incidents and mistakes: zombies. From “The Zombie Survival Guide:…
Read More Learning from Our Experience, Part ZStefan Larson talks about “What doctors can learn from each other:” Different hospitals produce different results on different procedures. Only, patients don’t know that data, making choosing a surgeon a high-stakes guessing game. Stefan Larsson looks at what happens when doctors measure and share their outcomes on hip replacement surgery, for example, to see which…
Read More What Security Folks Can Learn from DoctorsThere was a story recently on NPR about kitchen waste, “No Simple Recipe For Weighing Food Waste At Mario Batali’s Lupa.” Now, normally, you’d think that a story on kitchen waste has nothing to do with information security, and you’d be right. But as I half listened to the story, I realized that it in…
Read More Infosec Lessons from Mario Batali's KitchenThere have been two fatal air accidents this week, one in Ukraine in which 170 people died, and one in Kentucky, in which 50 people died. In neither case is terrorism being blamed as I write this. The safety engineering that makes air travel so safe is astounding. The primary activities, from pilot training to…
Read More Air Safety: Terrorism and Crashes