Pick a Card
Hello Protocols, Packets, and Programs,
I love magic. The sleight of hand, misdirection, the wonder.
I love its affinity with cons and deception.
Ricky Jay was an historian of every one of those topics, as well as a master himself at sleight of hand and cards.
He was instrumental to the movie, “House of Games”, in which a conman explains to a mark, “It’s called a confidence game. Why? Because you give me your confidence? No. Because I give you mine.”
I also mentioned the three of clubs, which is the card that Penn & Teller always prefer.
This felt like a nice complement to the “Myths and Lies in Infosec” that our guest, Adrian Sanabria, talked about. Adrian hosts Enterprise Security Weekly and has joined ASW as a co-host in episodes 143 and 181.
I love magic that tells a story. Sleight of hand and card tricks are impressive, but a trick that manages to deliver an emotional impact on top of skill is what I love the most. Those ideas also served as a metaphor in my introduction to AHT4.
The topic of breach responses came out of our discussion about how to get beyond myths and lies in infosec. Two points were transparency and speaking in plain language.
I also noted this doc about external communication during a breach. It even has the phrase, “Public comments should demonstrate that you are taking the issue seriously…”
But the important part is to explain how you’re taking security seriously, not just repeating the platitude that you do.