design

Principles of Usable Security

Principles of Usable Security

| | design, security, Security Architecture, Usability
I want to talk about the age old trade off between the simplicity of a website or app, versus the level of friction, restriction and inhibition associated with applying security controls. There ...
The Cyber Hut

Design For Behavior, Not Awareness

| | Awareness, behavior, change, design, fogg, Infosec, musings, security
October was National Cybersecurity Awareness Month. Since today is the last day, I figured now is as good a time as any to take a contrarian perspective on what undoubtedly many organizations ...
The Falcon's View

Quit Talking About "Security Culture" – Fix Org Culture!

| | behavior, culture, design, Infosec, musings, organizational, security
I have a pet peeve. Ok, I have several, but nonetheless, we're going to talk about one of them today. That pet peeve is security professionals wasting time and energy pushing a ...
The Falcon's View
The 7 Elements

The 7 Elements

| | 7Elements, adapt, assurance, assure, build, design, embed, manage, security testing, sustain
A question I am often asked is what is behind the name '7 Elements'. So for this blog post, I am going to explore this in more detail and go through each ...
Seven Elements