Update: Here are links to the series as we post it:

Back in 2012 I wrote a post titled Inflection. It was a collection of ideas and trends I have been watching, with the implications for the practice of security.

This year I submitted it to the RSA Conference and it was accepted. I will be giving an updated presentation based on that post Tuesday afternoon.

I thought that would be the end of it, because this isn’t the sort of research someone is usually interested in licensing and so it stays on the blog. But I was contacted by the folks at Box who were looking for something different that focuses more on where the industry is headed than our usual papers on helping you manage a current security issue. As an analyst I believe the majority of my published research should focus on day-to-day management of security, but it is also important to push the edges a bit and spend time thinking about the bigger picture.

I am particularly excited about this paper because it isn’t being licensed by a traditional security vendor. The call from Box came out of left field, and shows that cloud and content providers are seeing security as a competitive differentiator. That isn’t an endorsement – no one can ever pay us to say nice things about them, but I can honestly say we are doing more work this year outside the traditional security market than I have ever seen before.

To wet your whistle as I start writing the content, here’s a graphic of the outline. I will also be putting the content up on GitHub as I write and edit it for public feedback and review. I’m finding I like that better than the blog for the people who want to provide feedback, but this feed is better for getting the draft content out to a wide audience. We’ll take feedback on either side.

Oh, and I could really use some help with a better title! This one feels a little pretentious to me, but I am struggling for something better and “Inflection” doesn’t translate well to a paper.

Thanks, and here’s the outline: