July Meeting Topic: Captivating Security – Safety versus Passion
Captivating Security – Safety versus Passion
July 20, 2017 3-5 pm
Speaker: Josh More
Carlson Wagonlit Travel
701 Carlson Parkway (601 is attached through foyer)
Minnetonka, MN 55435 (Map)
Parking: Attached Parking structure, visitor parking available.
Main Level, Level C from parking Garage turn Right, go down towards Concierge desk, veer right, at the balcony turn left and go to elevator (Please note that this is the 601 Tower), take the elevator 1 floor up to conference center, and look for Room 6 & 7.
After decades of trying to get noticed, infosec has arrived in business. We have the attention of senior management and boards. We finally have budget. We finally have power. What are we going to do with it?
We stand at a fork in the road.
One path is well trodden. Paved with best practices, metrics, and models, we can follow other industries. By restricting capabilities and focusing on compliance with regulations, standards, and monitoring efforts, we can merge with mature industries like banking, insurance, and the highly structured governmental/military ways of doing things. This path is safe.
The other path is rocky and overgrown. This is the path walked by those who must deal with complexity. Using nature conservation as a model, this path involves constant exploration and experimentation. Those on this path must use creativity and resilience to address the complexities involved in the overlap of economics and ecologies. This path is risky … but with risk comes reward.
Josh More is actively researching this second path, using the history of endangered species conservation and captive breeding as a model for where our industry could go. Though a harder path and less certain, the advantages of resisting the easy path could be tremendous. This is extremely early stage research and Josh would appreciate frank discussion around the ideas involved to help guide future research and maximize the utility of the eventual book.
Josh has more than eighteen years of experience in security, IT, development and system and network administration. Currently, he runs Eyra Security, a security and business improvement consulting firm based in Minneapolis, MN. Josh holds several security and technical certifications and has served in a leadership position on several security-focused groups. He has written several books on I.T. and Information Security, with the aim of applying to I.T. lessons learned from outside the core discipline, such as Agile/Lean Principles, Natural History, Psychology, Economics and Complexity Science. Josh specializes in the overlap between security and business practices, including vendor/customer management, technology transitions, and security as competitive advantage.