Instead of doing a “security year-in-review” article, or trying to make predictions for the coming year in security, I thought I would go in a slightly different direction for my last article of 2007.
Most security authors and bloggers are doing a great job at this time of year in covering all the industry trend stuff. You know, “How many security holes does Vista still have, and how many will it have next year at this time?” or “The Top 10 Cross-Site Grocking Attacks of 2007!” So in this article, (mostly because I don’t have the time to sit down and crunch through such data), I would like to simply share with you some of my thoughts on improving your personal focus and productivity, in whatever field you are in. I’m told that it’s a good time of year to do this kind of thing.

I started this site about a year ago, after reading the book “Eat That Frog” by Brian Tracey, and “What No One Ever Tells You About Blogging and Podcasting:…” by Ted Demopoulos. I found “Eat That Frong” to be very inspiring, insightful and timely, in that it was a new year and the main message of the book was to make sure you are doing the most valuable things you can do with your time. For the past year, I have tried to focus on that simple goal, and although not perfect, I think I’m making progress.

From Ted’s book, I learned what I needed to know about how to get started in using blogs. (You may have noticed, I don’t often refer to this site as a “blog”, mainly because I think it might scare away the people I’m trying to help here…) At this point, I am pretty happy with the amount and quality of content I’ve been able to publish here. If I could change one thing - and I think I will, going forward - it would be to make the content a little more fun to read, and less formal, while still being somewhat helpful.

Warning: Introspection Alert…
Being someone who takes an interest in a lot of different things I am easily distracted and am inclined to bite off more than I can chew. But my main focus has been on improving my consulting and business skills, and in keeping abreast of the security industry in general. I’ve read and/or listened to a lot of books such as:

  • Process Consulting, by Alan Weiss
  • The Pragmatic CSO, by Mike Rothman
  • IT Governance: Guidelines for Directors, by Alan Calder
  • The Tipping Point, by Malcolm Gladwell
  • Blink, by Malcolm Gladwell
  • Freakonomics, by Stephen J. Dubner and Stephen D. Levitt
  • The Long Tail, by Chris Anderson
  • Made to Stick, by Chip Heath and Dan Heath
  • Managing an Information Security and Privacy Awareness Training Program, by Rebecca Herold

And a few others, I’m sure.

Thanks:

I also want to recognize Michael Santarcangelo and his Security Catalyst Forum (click HERE), Mike Rothman’s Daily Incites (click HERE), Martin McKeay’s Network Security Podcast (click HERE), and Rich Mogull’s Securosis (click HERE) for keeping me up to date on the issues important to security professionals.

The Bottom Line -

In keeping with the title of this article, I am planning to focus more of my time on where I think I can add the most value to my clients, and hopefully to those of you reading this. This means I will be writing articles here slightly less frequently to make time for creating content, in both written and audio formats, aimed at helping managers leverage their human and technology resources to protect their bottom line. You will find links to these works of art on this site when they become available.
The articles I do write here will be less formal, more editorial and hopefully better written as time goes on. As always, I welcome your input through comments. Have a great New Year and don’t forget to always focus on the most important thing (the thing that will have the greatest impact on your life in the long term) before you do anything else.

Scott Wright