March 5


What do you think the future of how we practice security looks like? Join our experiment in mind-mapping

I am a visually driven person. I think in non-linear ways, and have a 4’x8′ whiteboard in my office that I use several times a day. Mind mapping, therefore, is a natural fit for me. As a speaker, I’m generally impressed by those who also mind map. If you are also visual, you may find mind mapping works for you, too. In my quest for personal improvement, I have come to enjoy reading the thoughts of Grigor at Behind the Glasses.

He’s covered mind mapping a bit, and recently covered the beta of MindMeister – an online, collaborative mind mapping tool. He then ran a brief experiment to test it by asking some of us to contribute our answers to “what is the future of blogging.” You can see our final result here: Some Ideas about the Future of Blogging. It got me thinking… we should do the _same_ thing for security. As we focus on “security 2.0” – or what I’m temporarily calling the “Catalyst Approach to Security.”

No Battle over Security 2.0

I want to make a quick comment on “Security 2.0.” Alex suggested a battle was brewing over the concept:

Third, Interesting “Security 2.0″ battles. By Security 2.0, I mean online InfoSec communities. There’s the Trusted Security Catalyst folks, and now there’s They both seem to be in their infancy. There’s more action at TSC, but ISM seems to have more structure and purpose.

Personally, I’m all for the online community thing, even if I do hate the term “Security 2.0″. Vendor accountability, research accountability, open standards and efforts – they’re all good things. Let me encourage you to research these aveneues and use them to your advantage, in both giving and taking.

To be clear, there is no battle here. I have been looking for a replacement name now for a while, and the next best choice has yet to surface. That said, I like what I know about Mark’s approach and look forward to learning more. My approach to security is one of inclusion. I’m going to keep developing the approach to provide some guidance for how we can advance our practice of the art of information protection. I welcome anyone to join. Similarly, I look forward to the opportunity to learn about and support other efforts, too. I got the impression Alex and others want the same thing – and I’m convinced that by blending our efforts, we all advance.

To that end, I have asked the members of the trusted catalyst community to joining me in building out a collaborative mind map on: The Advancement of Security: Catalyst Approach

You are invited!

Based on what I learned from Grigor’s approach, I invite you to join us. I don’t know how many people helping is “too many” – so we’ll have to play this entirely by ear. I only have 18 invitations left, so if you want to participate, we’ll work a chain of invitations so you will have the opportunity. Interested? Send me an email with the email address you want to be invited with (and then check your spam filter – the mindmeister messages get trapped for some reason) to I’ll post some suggested rules for working on the map today or tomorrow.

I figure we’ll try this for a week, maybe a few days longer. If it works, we’ll export it and incorporate it into securitypedia (the community, publicly accessible wiki we are launching soon) for any authenticated member of the SCC to help modify. Ideas, comments and constructive criticism is always welcomed.


You may also like

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Tired of feeling defeated on Friday?

Where the stack of work to get done is bigger than what got finished. You dread next week before the weekend even begins.

It doesn’t have to be this way.