I have long been nagged by colleagues to start a Security Anonymous group. So here is an introduction including twelve step program:
Need help with a security problem? If you are concerned with a security problem and wish to learn more about Security Anonymous, read on further.
Security Anonymous is a self-help group for people working in the IT security industry. We only need your first name and we offer a twelve step program.
Only you can decide whether Security Anonymous is for you. After years of doing the same thing over and over, expecting different results, we hate to admit that we can never run a system or an application safely. We found out that many people suffered from the same issue. We decided to try to face up to what security vulnerabilities have done to our systems. There is no disgrace in facing up to these problems or admitting a security vulnerability. But see for yourself.
Security Anonymous’ twelve step program:
- Admit to yourself that you have a security problem
- Come to believe that there is a greater force that will always attack systems and applications, but if we jointly work together we can counter them.
- Make a decision to turn your skill and lives over to the finding and fixing of security vulnerabilities
- Make a searching and a fearless inventory of all security vulnerabilities that you know
- Admit to yourself and to other human beings the exact nature of these security vulnerabilities
- Become entirely ready to remove all of these security defects
- Humbly ask experts to help remove security weaknesses and shortcomings
- Make a list of systems and applications that have been exploited and become willing to fix them
- Make direct fixes to systems and applications wherever possible and where doing so does not create more security vulnerabilities
- Continue to take regular inventory of security threats and when you are attacked, promptly admit it
- Seek through learning and exchange with experts to continuously inform yourself about the latest security attacks and how to prevent or fix them
- Have a critical awakening as a result of these steps, and try to carry this message to other security practitioners, and to practice these principles in all your affairs