Each chapter starts with a quote and for the security chapter, I selected the unknown unknowns from Rumsfeld:
Reports that say that something hasn't happened are always interesting to me, because as we know, there are known knowns; there are things we know we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns—the ones we don't know we don't know.
--Donald H. Rumsfeld
Quote from a news briefing from US Department of Defense secretary Rumsfeld, published February 12, 2002.
This briefing was a couple of months after the September 11 attacks and a year before the invasion of Iraq. On a personal note, I was 33 at the time, living in Paris, working for Oracle as onsite database support engineer, also often in the Tour Montparnasse, the high rise buildings of La Defense, and the extremely busy rail and metro hubs of the French capital. Lots of military around but little sense of security, i vividly recall.
The quote is a famous one, you can read all about it on Wikipedia, including about the Johari window that inspired it:
Of course, for the security officer, managing unknown unknowns somehow, is an important aspect.
The quote tags Rumsfeld. He used it as title for his autobiography Known and Unknown, a Memoir (2011) and it was as used for a documentary about him: The Unknown Known (2014). I have not see it (yet) but there is a trailer on YouTube.
In the original manuscript, a second quote was included but this did not made to the final book due to space constraints. In my view, it is just as relevant, and as we have a bit of space left in this blog, I will include it here:
People think of security as a noun, something you go buy. In reality, it's an abstract concept like happiness,” said James Gosling, a vice president and Sun Fellow, and the man who invented Java. "Openness is unbelievably helpful to security."
Much more! Apart from the security architect as role and the tools used, in this chapter we also cover authentication, authorisation, user management, data privacy, anonymization, encryption, auditing, and more.
SAP HANA 2.0 - An Introduction
Just getting started with SAP HANA? Or do have a migration to SAP HANA 2.0 coming up? Need a quick update covering business benefits and technology overview. Understand the role of the system administrator, developer, data integrator, security officer, data scientist, data modeler, project manager, and other SAP HANA stakeholders? My latest book about SAP HANA 2.0 covers everything you need to know.