old_haus's comments

Perhaps.

VMU has been heavily involved in quite a bit of what has become mainstream in federal government InfoSec. They were the ones who built out US-CERT originally, they have had a hand in helping set up many of the CSIRT/SOC operations within the federal government, and they continue to play a role in helping train/evaluate these teams. Although I suspect that many people outside of (gov) InfoSec are aware of this history.

Be kind.

I agree that my run through of the article seemed to point to problems more than solutions, but I have always felt that the old chestnut 'don't bring me problems, bring me solutions' was a bit shortsighted.

Yes, it would be nice if every problem had a solution provided in a gift wrapped box. Yet, it is dangerous to pretend that problems do not exist simply because we do not know how to solve it.

Now, how to do this without become overwhelmed and despondent in the face of these problems is another issue.

That is a fair statement. I suspect that this poses challenges on a number of levels, including what areas on finds of interest and how they prefer to be engaged.

Between work, family, and school my opportunities to indulge are more limited than I would prefer. Recently I had an opportunity to listen to old lectures by Prof Malan (I understand that newer version of these lectures are now available on edx.org). When I am in the mood for something tied to current events, I enjoy taking time to read Krebs (krebsonsecurity.com) or catch up on conference presentations that I missed (still working my way through the material from ShmooCon).

I admit that even simple articles often have nuance that many would benefit from better exposure. Yet, a limited attention span would seem to be eclipsed simply by have better options in the vast sea of material not yet seen.