ISC2 Captivating Security – Safety versus Passion

Date:07/20/2017 | Time: 3:00 - 5:00 p.m. CST


After decades of trying to get noticed, infosec has arrived in business. We have the attention of senior management and boards.  We finally have budget. We finally have power.  What are we going to do with it? We stand at a fork in the road.

One path is well trodden. Paved with best practices, metrics, and models, we can follow other industries. By restricting capabilities and focusing on compliance with regulations, standards, and monitoring efforts, we can merge with mature industries like banking, insurance, and the highly structured governmental/military ways of doing things. This path is safe.

The other path is rocky and overgrown. This is the path walked by those who must deal with complexity. Using nature conservation as a model, this path involves constant exploration and experimentation. Those on this path must use creativity and resilience to address the complexities involved in the overlap of economics and ecologies. This path is risky … but with risk comes reward.

Josh More is actively researching this second path, using the history of endangered species conservation and captive breeding as a model for where our industry could go. Though a harder path and less certain, the advantages of resisting the easy path could be tremendous. This is extremely early stage research and Josh would appreciate frank discussion around the ideas involved to help guide future research and maximize the utility of the eventual book.