Maintenance of Everything : A Review
Stewart Brand’s *Maintenance of Everything* examines how diverse fields—from military logistics to Tesla’s manufacturing—manage upkeep and why neglect breeds risk. The book distinguishes routine maintenance from the broader, strategic concept of sustainment, arguing that the latter secures long‑term operational health. Brand’s case studies, such as the AK‑47’s ruggedness and the Statue of Liberty’s corrosion saga, illustrate how design for easy repair and continuous support can reduce vulnerability. The reviewer ties these lessons to cybersecurity, urging firms to treat security as a sustained, organization‑wide commitment rather than an ad‑hoc fix.
Organizational Politics & The Security Program
Organizational politics are an inevitable part of security program success, not merely a negative force. The author shares a personal CISO case where board‑approved mandates failed without division funding, highlighting the need to map decision‑making flows and build influence. He...
Cybersecurity’s Need for Speed & Where To Find It
The article argues that speed is the decisive factor in modern cybersecurity, especially as AI accelerates both threats and defensive capabilities. It adapts Stewart Brand’s Pace Layers framework to illustrate how fast‑moving innovation must be anchored by slower, stable governance...
Things Are Getting Wild: Re-Tool Everything for Speed
The author warns that AI is reshaping cybersecurity, creating a tidal wave of new software‑generated vulnerabilities while giving attackers tools to industrialize exploits. At the same time, AI‑generated content erodes trust, making authenticity a critical challenge. Enterprises must build a robust agentic...
Security Implications of DORA AI Capabilities Model
The DORA AI Capabilities Model highlights how AI can reshape software delivery while exposing critical security concerns. It recommends a layered, least‑privilege access model, centralized proxy routing, and strict version‑control practices to safeguard sensitive data. Human‑in‑the‑loop reviews, audit‑ready platforms, and...
The CISO's Craft: Watchmaker or Gardener?
The article contrasts two CISO archetypes—the Watchmaker, who builds tightly controlled, auditable security frameworks, and the Gardener, who cultivates an adaptive, culture‑driven security ecosystem. Each style offers distinct strengths: predictability and strong foundations versus flexibility and empowerment. However, both suffer...
Security Leadership Master Class 7 : Contrarian Takes
The final Security Leadership Master Class pivots to contrarian perspectives, exposing common cognitive traps and ritualistic practices in cybersecurity. It critiques binary thinking, where perfection is equated with success and any flaw signals failure, and highlights the rise of "ceremonial...