• United States



The effect of paradigms on our perspective of security.

Sep 18, 20081 min
CareersData and Information SecurityIdentity Management Solutions

“Your paradigm is so intrinsic to your mental process that you are hardly aware of its existence, until you try to communicate with someone with a different paradigm.”

–Donella Meadows

For some of us, security is realized through physical and network controls that address the risks in a given environment. Others view techniques aimed at education and user empowerment as critical to organizational security. Then there are those who march onto the risk landscape under the banner of effective governance and oversight. Each of these groups employ strategies informed by their paradigm. But what if myopic passion gave way to a dialogue between these views?

Through this forum I will discuss information security from varying perspectives. Below is a preview of future discussions.

– The perspectives of small to midsized nonprofit organizations.

– What do psychologists have to say about information security?

– What are the implications of game theory to our field?

– What can we learn from social network analysis?

I hope to stimulate queries and discussions borne from the aftermath of shattered paradigms. As we brush aside the detritus, we may view security through the eyes of others. After all, isn’t that the beginning of discovery?


Steven F. Fox provides security guidance to ensure compliance with Federal standards and requirements as a Senior Security Architecture and Engineering Advisor for the IRS. Fox contributes to multiple working groups including the IPv6 transition team, Developer Security Testing workgroup and the Security and Privacy workgroup. He brings a cross-disciplinary perspective to the practice of information security; combining his experience as a security consultant, an IT Auditor and a systems engineer with principles from behavioral/organizational psychology to address security challenges. He is a syndicated blogger covering IT Governance, Risk Management and IT-Business fusion topics. He also volunteers his time to the Ponemon Institute and Security BSides Detroit. Follow him on Twitter - Join his LinkedIn network -