Writing

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Exception, variance, these words are the bane of the information security professional. We all have to deal with them. Jarrod offers some thoughts on the topic. You will benefit from reading them.
    /dev/null - ramblings of an infosec professional: Security Exemptions
    Tags: ( policy )
  2. Ben shares his method for writing along with some thoughts on writing in general. It's a good read and I bet you can find some things in there that can be applied to your own writing.
    The Writing Funnel (The Falcon's View)
    Tags: ( general writing )
  3. A bit ago, a forensic contest was opened with the winner getting a free SANS course. That contest is now over. Here is the cool part, they took the finalist's answers and made a website out of them for the rest of us to learn from. Check it out.
    Network Forensics Puzzle Contest
    Tags: ( forensics contest answer )
  4. This boggles the mind. A judge has ordered that Google deactivate an account because the account holder received an email not intended for them. I seriously hope this gets challenged. Otherwise, we are in for a very rocky time.
    Judge Orders Gmail Account Deactivated After Bank Screws Up | Threat Level | Wired.com
    Tags: ( cloud privacy )
  5. Hoff has penned a post that, along with the attending comments, is something that you should read. Seriously, go read it.
    Incomplete Thought: Virtual Machines Are the Problem, Not the Solution... | Rational Survivability
    Tags: ( virtualization )
  6. Shrdlu offers some guidance on how to implement new policies. I have used this same method in the past.
    The policy bootstrapping problem.
    Tags: ( policy )
  7. Next month is Cyber Security Awareness month. The Internet Storm Center handler's diary will again be making deep dives into various security issues during the month. If you aren't a subscriber now, I suggest you rectify that lapse.
    Cyber Security Awareness Month
    Tags: ( awareness )
  8. Wade talks about the difference between Management Science methods of making decisions and engineering methods. He then ask the question "..how does your company make 'Should we do X, Y, or Z?' decisions?" (slightly paraphrased) He offers a few he has seen. Stop by and offer your input.
    Verizon Business Security Blog >> Blog Archive >> Security Decisions - How do you make them?
    Tags: ( risk-management )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. You can download the raw anonymized survey results from the Project Quant survey.
    Raw Project Quant Survey Results
    Tags: ( patching )
  2. Want to hear about writing a security book? Andrew will be SANS Network Security 2009 talking about that very thing.
    Andrew Hay >> Blog Archive >> Presenting at SANS Network Security 2009 - "So You Want to Write a Security Book, Eh?"
    Tags: ( writing books )
  3. Some thoughts on compliance in a virtualized environment.
    Five Ways To Meet Compliance In A Virtualized Environment - DarkReading
    Tags: ( virtualization )
  4. A couple things to check and do after you upgrade to Snow Leopard.
    Snow Leopard downgrades security and misses opportunity to improve | Chester Wisniewski's Blog
    Tags: ( apple macosx )
  5. In case you didn't know, there is going to be a blogger meetup at RSA Europe in October. 🙂
    RSA Conference - Security Bloggers Meet up 2009 - London | Security Active Blog
    Tags: ( meetup )
  6. This post strikes a particular chord with me as I have been thinking about this quite a bit lately. Most of us are operating under some pretty crushing workloads, but it we don't take time to manage our people, those workloads will just even heavier.
    Security Ripcord >> Blog Archive >> Take Time To Manage
    Tags: ( management )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

In this post I offered three tips on writing that make it easier for your reader. Someone anonymously left the following comment.

Is this like the April 1st-type advice? Clearly, these tips are about writing for rejectees from “Are you smarter than a 5th grader?”…. Come on!

Not the most constructive comment, but he does bring up a point I want to address.

Writing in a clear, concise, easy to read, and easy to understand manner is not a judgment of the intelligence of your reader. It’s about making something less complicated than it needs to be. It’s about making it easy for your readers to read and internalize.

Can your readers understand long sentences? Of course they can, but are they willing too? Can you banish white space? Sure, but is that in your reader’s best interest? Can you use your encyclopedic vocabulary? Yup. But “big words” would have worked in the last question just as well.

Shorter sentences, shorter paragraphs, and common language do not mean dumbing down your writing. It means making the information you are trying to share easier to get at for your reader. That's why you are writing in the first place isn't it?

Kevin

{ 1 comment }