After a few conversations, and having seen (part of) Russell Cameron Thomas’ post on the topic, I am beginning to realize that people are making a common mistake about Lindstrom’s Razor, which states:
The digital assets in question must be worth at least as much as you pay for them.
It is important to recognize that these [...]

Yesterday, Andrew Jaquith from Forrester blogged about digital asset value, in response to Russell Cameron Thomas’ post on the same topic, which was in response to a Jeremiah Grossman tweet*. Andrew’s post mentioned a cost-based approach I use for valuation that he aptly named “Lindstrom’s Razor” (has a nice ring to it, doesn’t it? ;-)). [...]

… well, you know, we all want to change the world.
Josh Corman from ISS/IBM is ready for change. He lays out a call to action over on fudsec.com. Lots of good comments over there. Here is my contribution:

I agree wholeheartedly that we need to consider evolution and that our profession is reticent to do so. [...]

Hang on, I’ll get to it after I get to the next level of Farmville…

Given that best practices are here to stay, I thought it important to come up with a set of best practices for creating them:

Don’t let the “practices” part of best practices get in the way. Best theories work just as well.
Don’t let the “best” part of best practices get in the way. Mildly useful practices [...]

Brian Krebs at Security Fix does excellent research into breaches, but I cringed when I saw his advice to “business owners” about how to protect themselves from cybercriminals:
“The simplest, most cost-effective answer I know of? Don’t use Microsoft Windows when accessing your bank account online.”
In my opinion, this is horrible advice, especially to small and [...]