Security Architecture Group Survey Results are In
The following survey of Linked In’s Security Architecture Group found members highly motivated to gain multidisciplinary learnings, and improve coverage of their broad interests through increased volunteer activity, better focused discussions and other group enhancements. Let these results motivate us to post insights or questions on some high-polling topics we haven’t covered enough – such as cloud security, security governance, security engineering and mobile/wireless issues.
Overall, there were 37 responses, tallied and discussed here for the benefit of the group and others interested in what security architects want to collaborate on together.
A clear majority participate in the forum to “increase my knowledge.” Not surprising considering that our profession is dynamic and multi-disciplinary; business, technology, risks and threats change constantly requiring us to learn new skills. About a quarter of the respondents also wanted to “answer specific questions” – that is the unique value of an interactive discussion forum over other information sources.
Almost all said they are “comfortable,” or “somewhat comfortable,” posting on the forum. A few expressed reservations about exposing gaps in English-language proficiency or subject matter knowledge. Recognizing these concerns are out there, it is good to see in practice that members let the forum be informal and don’t expect all posts to be perfectly-worded. There is a courteous atmosphere. We can operate on the basis that “there’s no such thing as a stupid question.” Indeed, one never knows what turn a discussion may take; often threads of twenty or more responses morph from the seemingly mundane or repetitious to produce comments with new nuggets of wisdom.
Someone – please post a discussion on why you think it is that – after more than 7 years in the mainstream – “cloud security” polled tops.
Next was a three-way tie between “security engineering and development,” “security governance,” and “security/business issues.” As we’ve seen in a recent discussion on security in agile development, these are the “rubber meets the road” issues. A security organization cannot do its job alone; in many respects, it is only as good as its ability to influence the behavior of the broader enterprise. Architecture helps make the pieces fit together from a strategic perspective.
The rest of the bar graph shows a long tail of technical interests, any of which can produce a fascinating discussion. One comment highlighted a desire for more content on “risk.” Great idea!
Judging by responses on the value of past discussions, the group’s done a good job of covering “security controls” from a general perspective as well as “security engineering and development” issues. However, there are some high-polling topics from the previous chart that haven’t been addressed nearly as well. This gives us an opportunity to pinpoint those areas with new discussions.
Its an all-volunteer group and members would like to see more activity. Understandably, most of us are pretty busy and have to watch our commitments. Should we just wait for someone else to volunteer? Not necessarily! Posting a discussion is easy and rewards whoever does it with exposure, new contacts and new insights.
For example, members would like to see a discussion on “what makes a great discussion post?” and its easy enough to make that happen. I’ll follow up on that unless someone beats me to it.