Analogettes

Weekly Wee One #9 – Defence In Depth is like…


A phrase we both love to repeat and repeatedly critique. Visiting the tail end of the 80s for my perspective…
[tweet https://twitter.com/S_Clarke22/status/600934212867399680 hide_thread=true width=’900′]
…because we can’t seem to make up our minds:
[tweet https://twitter.com/S_Clarke22/status/600937309840748544 hide_thread=true width=’900′]
[tweet https://twitter.com/S_Clarke22/status/600937803233533952 hide_thread=true width=’900′]
…and when all’s said and done:
[tweet https://twitter.com/S_Clarke22/status/600942155159441408 hide_thread=true width=’900′]
There’s more in the thread, including a lament from Gary Smith (@fl1bbl3) about our industry having a few too many Dirk Gently-esque characters.
dirkgentlyuo9I get where’ Gary’s coming from and I voiced my own frustration about peddlars of point and pick selection packs of ‘holistic’ solutions, but the trouble is I have a real soft spot for Dirk. Here’s a couple of quotes that show why:

“what we are concerned with here is the fundamental interconnectedness of all things. I do not concern myself with such petty things as fingerprint powder, telltale pieces of pocket fluff and inane footprints. I see the solution to each problem as being detectable in the pattern and web of the whole. The connections between causes and effects are often much more subtle and complex than we with our rough and ready understanding of the physical world might naturally suppose”

“it is a rare mind indeed that can render the hitherto nonexistent blindingly obvious. The cry ‘I could have thought of that’ is a very popular and misleading one, for the fact is that they didn’t, and a very significant and revealing fact it is too.”

Possibly a better description of the cyber security challenge and the kind of thinking that might save us than anything I’ve said so far. So lets slow up on the reinvention and perhaps put our backs into getting right what we know makes sense.


If you liked this, you can find more here, or full-size InfoSec analogies on The Analogies Project site (a huge range of novel perspectives on security from just about every big name in the security game, plus plenty of folk from other trades). It’s a great resource.

Leave a Reply

Your email address will not be published. Required fields are marked *