And now it’s time for a commercial message. I was selected to be a Peer2Peer session facilitator for the 2012 RSA conference, taking place February 27-March 2 in San Francisco. My session is entitled Improving Security Policy: What Works? The session will occur February 29 at 8am, more details are at this link.

I plan to facilitate discussions about both what is wrong with Security Policy, and what works to improve it. Google’s new privacy policy will likely come up in discussion, along with some of my notions on prioritizing policy.

I invite all those who have had to write policy, read policy, and/or put policy into practice to attend. It should be a good discussion, and when we’re done I expect everyone will have learned some things that they can put into place the next time they are writing or editing security policy.