But What To Do?

Posted on May 26, 2013 by Eric

The rise of the fourth branch of government – that’s the title of an opinion piece in today’s Washington Post. It’s a pretty good article, as far as it goes. For example

There were times this past week when it seemed like the 19th-century Know-Nothing Party had returned to Washington. President Obama insisted he knew nothing about major decisions in the State Department, or the Justice Department, or the Internal Revenue Service. The heads of those agencies, in turn, insisted they knew nothing about major decisions by their subordinates. It was as if the government functioned by some hidden hand.

Clearly, there was a degree of willful blindness in these claims. However, the suggestion that someone, even the president, is in control of today’s government may be an illusion.

Yes, this is very true. The President (and Attorney General and other Administration leaders) claiming he knows nothing about very significant actions by his government is somewhat ludicrous. It leaves you thinking that either he and his administration are incompetent or willfully unaware.

Yet there is truth in this article about the massive power and autonomy of the government and the civil service. The thing that is missing is any sense that the administrative branch of government might be too big, too powerful, too independent.

There is no sense of what to do about this problem, this danger to our society.

Posted in General | Tagged , , | Comments Off on But What To Do?

Insanity – The First Week

Posted on May 25, 2013 by Eric

I said the other day that I had started Insanity, a Shaun T work out routine. Some folks know, from Facebook or Twitter or in real life, that I have been on a quest to get healthy and fit again.

I was very unhealthy a year ago. I had gone from a very fit, very active man while I was in the Army (and after) to incredibly unhealthy and struggling with weight, blood pressure, blood sugar and all the other things that let you know you are in poor health. I was 45, obese and unhappy. Last June I started on a journey to change all of that.

Continue reading

Posted in General | Tagged , , | Comments Off on Insanity – The First Week

How To Be An MVP – Lessons for Security Pros

Posted on May 24, 2013 by Eric

Kareem Abdul Jabbar wrote an article for Esquire called How To Be An MVP – Like LeBron. In the article, he uses LeBron James, himself and a couple of other great basketball players, to illustrate how you go from good player/athlete to a great leader and an MVP. What I found powerful was in relating his thoughts on being a leader and great player (which makes you an MVP) to being a leader and great security professional … which will make you indispensable to your organization … and give you the opportunity to make a real difference.

Continue reading

Posted in Career, Teamwork | Comments Off on How To Be An MVP – Lessons for Security Pros

The Basics …. or …. Be a Professional, Not a Hobbyist

Posted on May 24, 2013 by Eric

Have you ever noticed that the average Infosec practitioner only really gets excited, interested and focused on advanced security activities? If you start talking about how to do real time forensic packet inspection across your network, a half dozen security engineer types show up out of the blue to kibitz with you. Talk about how to patch your windows desktop and its like a ghost town around your desk.

Continue reading

Posted in InfoSec | Tagged , , | 2 Comments

Stunning Pics By Seattle Daredevil

Posted on May 23, 2013 by Eric

This guy, ShutterSubversive, is putting some awesome pictures out from the top of iconic Seattle landmarks. Great stuff! Probably not legal, but he understands his risk, I’m sure.

ShutterSubversive’s pics of Seattle landmarks.

Posted in General | Tagged , , , | Comments Off on Stunning Pics By Seattle Daredevil

I Wish

Posted on May 23, 2013 by Eric

That all security professionals spent time having to explain what they want to do to lay people. And that doesn’t mean Information Technology professionals, who will understand many of the things you are describing.

No, you really need to learn how to communicate what you intend to accomplish, how you will accomplish it, and what it will involve to people who have absolutely no practitioner knowledge of InfoSec. Talking to people who don’t automatically know what packets are, a man in the middle, firewalls, malware and all the other things we take for granted would open everyone’s eyes.

Continue reading

Posted in InfoSec, Security | 2 Comments

The View

Posted on May 21, 2013 by Eric

This is what it is like in my backyard most of the time. The kids aren’t visible, but they’re running around too.

20130521-154538.jpg

Posted in General, Home | Tagged , , | Comments Off on The View

A Thought on FUD

Posted on May 21, 2013 by Eric

Fear, Uncertainty and Doubt

Why, when there are so many fundamentally sound reasons for a company to do good security, do the security professionals seem to always fall back to trying to motivate through FUD? Why aren’t you guys out there talking about improving IT efficiency, delighting your business users, enabling corporate strategy, reducing operating overhead and so much more?

Continue reading

Posted in Apple, BYOD, FUD, Mobility, Security, Technology | Comments Off on A Thought on FUD

Insanity

Posted on May 21, 2013 by Eric

Okay, I mentioned getting fit again after having gotten badly out of shape. I will go into more details in the future, and really talk about it. But I figured that for now I would just mention one thing.

Continue reading

Posted in General | Tagged , , , | 2 Comments

A Place for Me to Talk to the World

Posted on May 21, 2013 by Eric

Welcome to Security, Cigars and FUD (Fear, Uncertainty and Doubt). The title of this blog comes from my profession and my love of good cigars. Anyway, here’s some stuff about me.

I’ve been in the world of security, both physical and information, for 25 years now, give or take a day. That includes 11 years in the US Army, ’cause I’m pretty sure that standing on the East German border with a rifle during the cold war counts as “security”. Then I went to work in the civilian world, where I’ve been ever since. All of my jobs had a focus on security. I’ve been involved in military security, physical facility security and information systems security. Currently, I work for a very large catholic healthcare system headquartered in the Pacific Northwest. I live near Seattle, one of the most beautiful places on earth. My organization has over 60,000 employees, more than 30 hospitals and 400 other sorts of facilities. I’m the guy who runs Information Security for this whole, big thing.

An interesting thing about my life is that my past seems to be about things that no longer exist. I fought a (cold) war against a country that doesn’t exist, and a (hot) war against a dictator who doesn’t exist and worked for a company that no longer exists. Not to be cryptic … I was a soldier in the US Army from 1985 to 1996 and served in West Germany on the Iron Curtain. The USSR no longer exists and some people reading this may not be sure what the USSR was. I served in Operation Desert Storm (aka the First Gulf War), but Saddam Hussein and the Ba’ath Party (and indeed, Iraq as it used to be) no longer exist either. After the Army, I worked for EDS from 1998 to 2007, a company that no longer exists.

I am married, have kids (3, 1 is mine, 2 are my wife’s), a dog, a cat, chickens, mortgage, bills, two cars and a white picket fence. Living the dream!

I play golf. Badly. I throw darts. Passably. I drink single malt scotch. Frequently. I smoke cigars. Often. I travel with my wife. Every chance I get. I drink wine and love steakhouses. Too much.

I love my job and my family, our pets and our house and our backyard.

Over the years I let myself get pretty out of shape and unhealthy. Last summer I started fixing that. It’s been an interesting journey going from a very fit soldier to a very unfit executive, and then back to fitness again.

I plan to spend time writing mostly about security, but you can expect to see some posts about wine, working out, scotch, cigars and the rest of my life.

You can follow me on twitter too: @e_cowperthwaite

And the darn disclaimer:

Just to be clear, nothing that I write here represents the position or opinion of my employer. Nothing I write here is proprietary or confidential to my employer. Everything I write here is my personal opinion.

Posted in General | Comments Off on A Place for Me to Talk to the World