Mastodawn

Allan Friedman 2d ago

Ramp season! So delicious, but can be a bit of a pain to clean.

Allan Friedman Apr 11

Aw yeah. ‘Bout to get Nonna up in here.

Allan Friedman Mar 21

Amazing opening keynote at @bsidessf by my old con buddy @bubblewire making the case for *optimism* in a very tumultuous time for the security community.

Why to be optimistic?
1. “The Room where it happens” Security is now increasingly part of strategic institutional decision making. Beyond just tech to real influence. 10 years ago, who wanted hackers in the room?

2. We have learned to design for humans, not against them.

3. Started to focus on what actually moves risk. Real skepticism of rote vendor solutions. Better at calling bullshit and focusing on what solves real problem

4. Barrier of entry are lower. Abstractions allow more people to engage in security. Everyone can be a builder. We depend on creativity and experimentation. Security practitioners are becoming builders.

5. Legacy risk might finally be tractable! AI tools can read, understand, and transform the legacy cold bases. We can imagine burning down technical debt.

6. We can pave things from the start - new providers are thinking about security “with a heightened awareness” New AI leaders have invested in security. Not a first priority, but maybe second or third, rather than bolt-on.

We have managed massive transitions in the security space before (cloud native!).

She also reminds us that the entire security community is built on just that: community. We share, we build collaboratively, we rely on alliances and nonprofits and standards orgs.

Allan Friedman Mar 17

A nice moment in the McRary Institute Cyber Summit. Army Cyber Advisor Brett Pugh acknowledges that CISA and its hardworking expert staff are carrying on with their critical mission without getting paid.

My former teammates are doing damn good work in a very rough time.