About the Site


This site was launched to fill a need for a place to actually think about security, and to encourage others to do the same.

For a few years, I have been the primary security writer at TechRepublic. During that time, I have always endeavored to prompt readers to think about security, and to learn principles that will serve them well in a variety of circumstances rather than just memorize rote behaviors that are considered "industry best practices". The moment your focus on security has been reduced to knee-jerk reactions based on popular practices indoctrination, you have begun losing the battle for security.

Unfortunately, I (along with the rest of the regular contributing writers at TechRepublic) was asked to focus my writing more on "actionable content", which is basically a code phrase for "checklists and task-oriented tutorials". In other words, the focus of TechRepublic is shifting to exclude much in the way of thinking, in favor of including mostly rote memorization. This means that an important need is being unfulfilled in the security realm.

As a result, I created Think Security so I would have a place to satisfy that need. This is where the reasoning from principles, contradicting pervasive and dangerous myths, and analyzing trends for the sake of increasing foundational knowledge of security will go. TechRepublic, meanwhile, is where the simplistic, rote how-to and checklist material will go.

Ironically, my very first article as TR's security go-to guy actually touched on some of the above:

Five steps to becoming the local security guru





Commenting is closed for this article.