Recently in writing Category

Recent Publications...

As a rule, I try not to toot my own horn too much. There are far smarter people out there. That said, I thought you might find the following articles of interest:

Big Fat Finance Blog: "Risk Chat: Is Your GRC in the Cloud?"

CRN: "How to Manage Cloud Risk"

The ISSA Journal (November 2011, Volume 9 - Issue 11)
"Scaling Risk Management"

Also, I highly recommend joining the ISSA!

The Writing Funnel

| 1 Comment

A few people have complimented me this year on my writing, usually with a self-deprecating comment along the lines of "I could never do that." My response is to first thank people, but then to also speculate that "oh, I'm sure that's not true" - I'm sure they could in fact write just as well as me. The fact of the matter is that, while words come easily to me in many cases, it's not always a cake-walk. More importantly, for me writing is as much therapeutic as it is intended for communicating ideas.

Toward that end, I thought a few people might appreciate an expansion on my approach to writing, since I do firmly believe that others not only can write, but should write. The security industry, in particular, has a very small core that needs new ideas and commentary to keep it fresh and to help stimulate evolution. New voices help us find new ideas, which in turn lead to innovation.

(Update: Forgot to mention that my original submission is available here if anyone is interested or would like to provide feedback.)

Today, this Friday the 13th, I think that sentence could be completed with either "give up" or "get angry and fight back." I might have mentioned a while back (couldn't find a blog entry on it) that, in order to complete my grad research, I needed to produce a paper and get it published in an academic, juried journal. These journals have peer reviews in addition to editors and are supposed to be of higher quality. I did the exercise as requested, but I've always been leery. My expectation was that the submission would get bounced back with a request for revisions. I did not, however, expect the result that I received today: outright rejection. Not the best way to start the day, and a good way to get me very wound up about things. Here it is, my very first attempt at publishing something, and I was not even given a chance to submit a revision. But it gets worse...

This could be alternatively subtitled "one guy's journey to a career in writing." I've been struck by the writing bug lately, and not just in the blog form. The fact of the matter is, I'm still expected to complete a journal article for my thesis work, to be submitted to a peer reviewed journal, such as IEEE S&P. On top of this, however, I've also had a couple opportunities crop up that are intriguing and driving me to plan (and begin executing on) other articles.

Prior to last week, I was planning a couple articles for Dan Swanson, who's recently become editor of EDPACS The EDP Audit, Control, and Security Newsletter. He had also suggested sending articles to Information Systems Security (ISS) and Information Systems Management (ISM). ISS is the official ISC2 journal (of the famous CISSP certification). ISS doesn't have a very good rep, but I figured writing is writing.

About this Archive

This page is an archive of recent entries in the writing category.

work-jobs is the previous category.

DevOps is the next category.

Find recent content on the main index or look in the archives to find all content.

Monthly Archives


  • about
Powered by Movable Type 6.3.7