Security Catalyst - 35 - Introducting Security 2.0
Recorded! From a hotel room in Phoenix (sure, it’s hot, but it’s a dry heat - try taking a tumble in your clothes dryer)… it’s another Security Catalyst Podcast (I know, about time!).
I’m actually excited to share something I’ve been quietly working on now for over a year - the evolution of security I have been calling Security 2.0. Wait! Look past the name and check out what I think the future for information security holds. I have started to collaborate with Ron Woerner on what this would entail, and we have submitted a proposal to speak at RSA 2007 in February - if selected, we hope that will be where the concepts really get grounded and introduced.
Until then, you can count on Ron and I to start to advance the concepts and the ideas covered in Security 2.0. Basically, security 2.0 comes down to three elements:
- leveraging web 2.0 to improve the way we practice information security
- taking the knowledge we have and securing web 2.0 offerings
- the tools, skills, attitudes and experiences of a Security 2.0 professional
Basically, I believe it’s time to completely shift the way we practice information security. We have to change the focus, make it more convenient, more simple and more, well, secure. It’s not that simple - but in this podcast, I introduce the concepts in a condensed fashion. More details will emerge and evolve in the coming weeks and months.
I look forward to your ideas, insights, passions and excitement as we work together to celebrate the positives and truly blaze a new trail in the future of information security. By learning our history and studying other fields, we will advance!
If you’re new to Web 2.0, here are some links to get you started:
Start Here:
What Is Web 2.0
http://www.oreillynet.com/pub/a/oreilly/tim/news/2005/09/30/what-is-web-20.html
This is a good summary: http://www.squidoo.com/introtoweb20/
I found this useful, too: http://en.wikipedia.org/wiki/Web_2
As we prepare to relaunch the Security Catalyst Community, we’ll incorporate a section for Security 2.0 so we can work collaboratively, leveraging Web 2.0 tools (!) to evolve this concept.
Help spread the word by linking to the Security Catalyst and share these ideas and concepts with others!
If you enjoyed this post, make sure you subscribe to my RSS feed!
Posted in Information Protection |
Print this post
|
Permalink
BitRatchet » Blog Archive » [security] security catalyst said,
August 30, 2006 @ 2:14 pm
[...] The Security Catalyst blog/podcast … blog entry on his idea of “Security 2.0″…very interesting ideas juxtaposing security concepts and web 2.0 concepts. Consider that most web2oh services place your data on their servers…but do you want to let your security on their servers. A lot of alternate concepts in that podcast. I think I’m going to listen to this guys past podcasts. [...]
The Security Catalyst » Blog Archive » Why the magazines keep getting it wrong - the answer to data breaches is not technology and legislation said,
August 31, 2006 @ 7:24 am
[...] « Security Catalyst - 35 - Introducting Security 2.0 [...]
AdamDodge said,
August 31, 2006 @ 9:53 am
Ron,
Thanks for the welcome! I am very excited to be joining the catalyst community and look forward to getting to know everyone as we work together in the future.
Adam
YEkim said,
August 31, 2006 @ 8:32 pm
I like your thoughts… and the name. I was surfing the web and ran across you site and now I’m hooked.
As for security 2.0, I do agree that we need to find better, simpler ways to implement security. It shouldn’t be a “add on”, but a “built in”. When I think simple, I always think of E=MC2. Why? Because it’s an equation that can help explain the mysteries of the universe and yet it’s only an inch long! That’s just incredible to me. So simple but yet so powerful. That’s the way security need to be.
Yekim
Santa said,
September 1, 2006 @ 12:44 pm
Yekim,
Agreed. Anytime we “bolt on” - it’s the first thing to go. I really think that we need to shift focus to experience of our users (and perhaps even ourselves). We need to streamline, streamline, streamline. I really like the concept of finding our own e=mc^2. We’ll figure it out, glad you’re here to help.
Santa
The Security Catalyst » Blog Archive » Security as a Differentiator (It’s Starting) said,
September 11, 2006 @ 10:17 pm
[...] The need for Security 2.0 is clear, and we have started the journey! Security makes a difference. These icons link to social bookmarking sites where readers can share and discover new web pages. [...]
The Security Catalyst » Blog Archive » I knew it would happen - Symantec calls effort Security 2.0 — but they got it wrong!! (are you surprised)? said,
September 21, 2006 @ 9:42 pm
[...] Listen about the true Security 2.0 in this podcast: http://www.securitycatalyst.com/2006/08/28/security-catalyst-35-introducting-security-20/ But it’s decidedly not a marketing game or the illusion that by shifting security from the network we’re reaching a new level. The whole ‘2.0′ concept really kicked in with Web 2.0. And if you look around, we’re still trying to figure out and define precisely what Web 2.0 is (see: Steve Rubel Finally, a Definition for Web 2.0 We Can Agree On?) - save this: we understand that it brings power back to the users and allows them to have more meaningful interactions. Security 2.0 builds upon that - and can be (and should be) seamlessly integrated and expanded in a way that improves the world around us. [...]
Security Ripcord » Blog Archive » Letter to Santa on Security 2.0 said,
September 13, 2007 @ 12:24 am
[...] just wrote an E-mail to Michael Santarcangelo of the Security Catalyst about his Security 2.0 initiative. Please comment if you have any input. Also watch out for Michael to open the [...]