by Jesper Kråkhede, Sweden
Posted in Business, Methodology, Security Architecture on Jul 11th, 2010
During my years working with security I have met many claiming to work within security, some actually is doing it, some real jokers and some not understanding what it really is. What I learnt during all this years is that security is really complex, specializing in security means that you have to know everything about […]
Posted in Methodology, Security Architecture on May 17th, 2010
BBC ran an interesting article today regarding how easy it is to take control of a car even when it is in motion. The scientists says that it is a rather difficult attack for the common man but something we all learned is that when it is hard in the beginning soon enough there will […]
Posted in Methodology on Feb 27th, 2010
Up to six times each year someone in Sweden gets their house stolen, or to be more precise, someone fakes a sales contract, register themselves as owner, goes to the bank taking out a loan and disappears with the money. The legal owner is left with either a new big loan to handle or a […]
Posted in Business, Methodology, Security Architecture on Oct 31st, 2009
At the same presentation I was approached by the CIO asking me: You are suggesting quite substantial changes in our way of working. How do you know that this will solve the problems and how do we know that this is the real problems? I first started to explain how security works and that you […]
Posted in Methodology, Security Architecture on Oct 31st, 2009
I was presenting the result from a workshop the other day and half way through I noticed a few persons getting very uncomfortable. I decided to address their awkwardness and asked them if everything was clear. The answer I got baffled me: We think you are making this to complex. We do not understand the […]
Posted in Business, Methodology on May 11th, 2009
In Steve´s blog there was a note that he had to leave Microsoft and from other places I heard that it was the better part of TWC that was eliminated. I am a bit unsure about what the consequences of this are. Microsoft has for several years been the top player when it comes to […]
Posted in Methodology, Security Architecture on Dec 8th, 2008
Four years ago I stumbled into a discussion regarding how security was handled in RUP. As the discussion went on the voices rose and in the end the poor bastard yelled at me: “You are abusing my use cases” and by that the Abuse Case was born. Just to set the context: An abuse case […]