carved in stone

I guess time has caught up with Swedish expressionist artist and sculptor Siri Derkert.

In my youth I used to think of her blasted concrete subway artworks as dull and self-important. (Then again, I couldn't be bothered to care about any contemporary art.)

Now, what I see is instead grace and materiality and Siri's timeless thoughts of peace and women are gaining a renewed sense of urgency in this day and age.

Here is Derkert's Study for Female Pillar, part of the collection at Moderna museet.

sampling Trockel

I spend lots of time in art exhibitions these days. My favourite is Moderna museet which has become sort of second home when I've got time on my hands.

Taking photos of pictures might sound pointless but I like experimenting with "sampling" artworks into bits and pieces and then having these rearranged into a photo collage.

Rosemarie Trockel has knitted a monochrome After The Hunt. With wool yarn and wood she challenges how pictures are supposed to be made. And here is my attempt at sampling Trockel.

a student, a volunteer and a consultant

After five years as an employed consultant, I will continue under my own flag. In recent years I've been privileged to teach Information Security which is superb training from a generalist perspective, but now I will refocus on Information Risk in three different ways. First, I will return to the university to dig deeper in the theory realm of risk. Second, I might do a bit of volunteering in a "security advisor" capacity. Last but not least, there should be room for some consulting as an educator.

on maturity and abstraction

What is Security Architecture and what does it take for an organisation to master this domain?

Operativ informationssäkerhet in April welcomed six guest lecturers.

Sebastian Åkerman offered a maturity perspective on architecture and helped us navigate between properties, controls, mechanisms and components.

Other guest sessions covered Safe UX, Crisis Management, agile ideology, Business Continuity and Secure Development.

Two group exercises and an individual assignment took us from theory to practice.

Know Thy Assets

How can organisations get a better grip on their information assets, and what aspects are there to master?

In the March edition of Strategisk Informationssäkerhet with five guest lecturers, Information Architect Tina Lindevall of Huddinge kommun made the case for Information Cognizance (Informationskännedom).

Other guest sessions covered Security Law, Policy and Classification, educating co-workers and Security Strategies.

An individual assignment as well as two group exercises provided a bit of practice.

my year in art (2): Walk The Line

Glass art - basically pretty and harmless? Hardly. One 2018 highlight was the Dunkers group show Walk The Line showcasing nine different artistries having glass as a common denominator. 

Terese William Waenerlund, Åsa Ljungnelius, Birgitta Ahlin, Sirkka Lehtonen, Nina Westman, Ditte Johansson, Ingalena Klenell and Fredrik Nielsen made it clear that Swedish glass manufacturing is alive and kicking.

At least one coat got too close for comfort during the exhibition weeks. Hardly harmless material!

rules of engagement

A fully booked recent edition of Teknisk informationssäkerhet at DF Kompetens offered group exercises about availability, Threat Analysis and PKI/IAM.

What does a security officer need to know about ordering a Penetration Test? From scoping and 'rules of engagement' to report and confidentiality, Joel Harsten took us on a guided tour.

Our guest lecturers also covered Digital Self Defence, cryptography and data recovery.

An individual assignment on security measures for travellers preceded the course.

bridging the gap

Infosec pros must find ways to bridge the knowledge gap at home. In the November edition of Strategisk informationssäkerhet, Hanna Lagerquist stressed the importance of motivating co-workers through effective, targeted training.

Our four guest lecturers also covered Security Law, Security Strategies and Security Processes as well as Information Operations.

Participants did an assignment on analysing organisational context plus team exercises on Data Protection, Information Classification and Risk Analysis.

my year in art (1): Perpetual Uncertainty

Produced by Bildmuseet and showcased in Malmö, the exhibition Perpetual Uncertainty was one of my artsy highlights of the year. The name refers to long-lived effects of nuclear technology.

The exhibition mixed peaceful nuclear power with military applications, which is something I find counter-productive.

How can we communicate danger (think waste disposal site) to our descendants when our civilisation is long gone? This relates to my teaching on how we can archive data but not information.

make it fun!

Involve users and build motivation rather than relying on paragraphs. Create simple plans. Try to frame quality as fun. In the October edition of Operativ informationssäkerhet, Andreas Sjödin made the case for driving sustainable change in Business Continuity.

Our sextet of guest lecturers also covered Safe UX, practical Crisis Management, Security Architecture, Agility & Security and Secure Development.

Participants did an assignment on Privacy by Design plus team exercises on OWASP Top 10 and ISO 27002.