3DSC: What Happens Next?

In three short days the Thirty-Day Security Challenge will come to an end.  This will be something of a relief for me (I do have books to get back to, after all), but I have also thoroughly enjoyed it and my interaction with all of you!  So what happens next?  In two weeks I am going to submit an after-action review of The Challenge.  I will try to correct any errors, any topics that weren’t explained to your satisfaction, etc.  To do this, I need your help!

I want your criticism.  I would truly like to have your feedback on how you think this went.  While I appreciate your praise greatly (it really kept me going through this month), what I really need now is your criticism.  What could I have done better?  What did I really screw up?  Could this have been better logistically, i.e. would you have preferred different options for how to follow?  Did you want more pictures and screenshots?  If you have any gripe with this, I want to hear it.  (That said, I would also like to hear it if you got something meaninful and helpful from this.)  You may be wondering why I want your criticism; it is because there are…

More challenges to come.  Though I don’t see another challenge this big coming anytime soon, I have some shorter ones planned, in the five- to ten-day range.  I want to make them better, so tell me what you want to see.  In the next year I hope to do “mini”-challenges on mobile device security, a couple of intermediate computer security topics, and a few other things that are just loose ideas at this point.  If there something specific you’d like to see covered, feel free to let me know.  During this challenge you have given me several ideas for posts that you will be seeing in coming weeks, like:

  • How to Respond WHEN Your Data is Breached
  • Privacy & Security Comparison: Cloud Storage Providers
  • Digital Security for Digital Natives: Ingraining Security in Children
  • YubiKey Product Review

In addition to covering specific techniques, I plan to spend some time this year deep-diving threat modeling.  This is a topic that has been driven home to me time and time again, but that gets precious little attention in the infosec community.  Look for an introductory article in the next couple of weeks, and roughly an article a month on a specific model.

A new segment called Lock Safari is coming.  I also intend to introduce a new recurring segment I am tentatively calling “Lock Safari”, an admittedly and breathtakingly unoriginal name.  I am very interested in locks – especially high-security locks – and want to post some pictures I’ve captured in the wild.  This section may also include photos of other physical security measures, both good and bad, as the mood strikes me.

Thank you.  It’s not over yet, but I’ll say it now – thank you to everyone who has participated in the Thirty-Day Security Challenge!  Whether you commented, emailed, signed up for the mailing list, or just lurked – it is greatly appreciated!  I met some really cool people and got some great feedback.  Thank you!


Leave a Reply