I’ve been working in the computer security industry for almost thirty years.
Quite what I was doing in all those years up until 25 October 2007, I’m not quite sure. But that’s the day when I wrote my first ever blog post.
It appeared on the SophosLabs blog, a blog set up for the malware researchers at the company I worked for at the time. Normally it consisted of nerdy posts about malware.
For my first ever post on the SophosLabs blog, I wrote about a plastic toy frog called Freddi Staur – and specifically how I felt a BBC TV program had stolen one of our ideas to demonstrate the dangers of accepting fraudulent friend requests on Facebook.
In time, the guys at SophosLabs got (quite reasonably) fed up with me blogging about this sort of nonsense, and so in April 2008 I was spun off into another blog imaginatively titled “Graham Cluley’s blog,” but still hosted on Sophos’s website.
My first article on my very own blog wished Trojan horses a happy 3193rd birthday. You can tell it was my first blog post (and that I was quite a rookie) as the url has the slug /2008/04/23/hello-world/
Despite it’s terrible name, Graham Cluley’s blog proved quite popular. In fact, it proved so successful that there existed the very real danger that if one of my blog posts caught folks’ imagination it might take the entirety of sophos.com down. This did happen on a few occasions, and didn’t make me anyone’s favourite person around the office.
To try to handle that clearly sub-optimal scenario, the IT department asked me if I could give them a day’s warning “if I was going to post a popular article” so they could make sure that the servers could handle it.
I’m sure you’ll understand, that wasn’t something I could help them with.
So, another solution was needed. And under the organisational wizardry and sheer energy of my colleague Carole Theriault a new website was built on much stabler infrastructure.
Naked Security officially launched on October 28, 2010.
I wasn’t the only writer for the new blog – there was also Carole, Paul Ducklin, Chet Wisniewski, and later Lisa Vaas and others, but I was probably the most prolific.
In my opinion no other security vendor was doing anything like it. It was the best site for explaining computer security issues and threats in language that anybody could understand, and with personality. And that’s why it proved so popular.
I wrote over 2,500 articles for Naked Security before leaving Sophos in 2013.
And now… well, as The Register reports, Naked Security might be in its dying days. I certainly hope that’s not the case, but my sources tell me that Sophos is intending to mothball the site to save costs.
Kind of ironic that just two days ago Naked Security won the title of “Legend of Cybersecurity: Best Overall Blog” at the EU Security Blogger awards.
My best wishes to old friends at Sophos facing possible redundancy. That’s terrible news, especially in the current climate.
And I raise a glass to my old blogging home, Naked Security. So many vendors over the years were jealous of the power that Naked Security commanded, and how it helped Sophos punch far above its weight in terms of brand awareness and thought leadership.
What a dumb idea it is to kill it off.
Naked Security is one of my favorite blogs. Sad :(
literally my favourite infosec blog always kept things in the middle of speaking english and having alot of infosec awareness its the perfect mix i think. killin naked security is a BAD idea!
That'll be the end of an era! :(
As I said in a comment on The Register article:
Maybe the name will be kept, maybe they’ll mothball the content, maybe they’ll post occasional pieces of research under the Naked Security banner. Maybe they’re merge it with the technical SophosLabs Uncut blog? (Naked Security Uncut? Ewww. Not sure that’ll go down well with puritanical management)
But it doesn’t sound to me like Sophos has a plan to continue it in its current form.
And yeah, I take it a little personally. But mostly I feel sorry for the people who worked on the site after I left. They did good work.
Oh, Graham, Oh, Carole, it is indeed the end of an era. Have your ears been burning? We've been reminiscing about you two. You started something smart, and fun, and, what we all have most sincerely hoped was valuable to readers: information in plain English that people could understand and use. I was honored to write among you and all the other great, smart, talented writers that have come and gone. It's been a glorious ride!
Well done for keeping the flame alive for so long Lisa! Don't be a stranger and be sure to let us know where else you're writing so we can keep an eye on you. :)
I've done what I could, Graham! I won't be a stranger, no, no, no. I'll probably keep writing just to be annoying. I'll stay in touch, please do the same! :)
You are legendary! You edited one of my articles for Naked Security and it got something like 15K views in 24 hours. Nothing, I believe, that would have happened on my own, so thank you! Glad to see that you will still be going strong!
I memory serves well, this is the article you edited. https://nakedsecurity.sophos.com/2011/08/11/has-facebook-got-your-mobile-number-now-your-friends-do-too/
You're too kind David. I just applied a little lipstick I'm sure.
You and Carole were the spirit of NS. We localised more than 1000 NS posts on the French blog and some in Spanish and Italian. OMG, can’t believe that baby will end.
I have no other words : “What a dumb idea it is to kill it off.”
You guys were amazing. What a thankless job it must have been to translate my drivel into French, Spanish, and Italian. I can only wonder what you thought when you saw me mention thinks like flappertanknibbles…
I'm raising that glass with you all. Writing for NakSec was one of my absolute favorite gigs, and I'm so proud of the work I got to do there. I can't understand the thinking behind killing it off.
You were fab Maria, and you're still fab!
I'm sure the changes they're making at $opho$ all come down to one thing. :(
It's one of our favorite assignments – working with you and Carole and the entire Naked Security team. We still talk about it with clients as an example of thought leadership done so well. We also loved that there was never holding you, or your colleagues, back and you were always ready to put your hand in the flame. The legacy will live on!
Ha! Was fun working with you and your colleagues Sandra.
What a shame. Doing PR for Naked Security was a career highlight. There was nothing out there like it. We had blast, worked on a lot of great stories and hopefully, made people a bit smarter about security issues. The end of an era!
Cheers Brittany. You helped make it fun. Hope you're keeping well!
As we are all on our screens more and more – we need Naked Security more than ever. What a loss! I remember when the name was first announced….hilarious conversations.!!
my personal fav naked security moment was when you stupidly baited a senior google researcher into exposing the sophos software for bugfilled claptrap it always was
If you're going to try to spoof a famous vulnerability researcher, at least try to spell his name correctly.
https://twitter.com/dril/status/134787490526658561?lang=en
"In my opinion no other security vendor was doing anything like it. It was the best site for explaining computer security issues and threats in language that anybody could understand, and with personality. And that’s why it proved so popular."
The main reason I subscribed to Naked Security (and to GCHQ!), I've cited it so many times to senior managers to explain why something needs to be addressed. It may seem like a small thing, but at the most extreme case a failure to properly explain the scope of an issue to management was cited as one of the primary causes of both the Challenger and Columbia Shuttle Disasters.
What a dumb idea it is to kill it off.
Aside from your blog it is/was(?) one of the most readable for the average non-commercial user.
:(
It is sad news, very worrying as well. Naked Security is one of my favorite places to get serious security information. Thanks Graham!
This is quite a backwards move for such a (or any) company.
I have really enjoyed listening to the Naked Security team on all the topics they discuss….I'm not in the infosec industry (although I would like to be) -the content is well presented and topical and a must listen to for this industry….anyone know of any other decent podcasts? Gutted.
The Smashing Security podcast is pretty good (I'm possibly biased).
We've had many of the shining stars of Naked Security appear on it as guests.
Graham – I'm listening to your podcast now….your co-host has quite a potty mouth ;-)
In all seriousness it'll be one of my go to security podcasts to listen. Glad I've discovered it despite Naked Security's demise!
Lockdown, if anything, has made Carole worse…
Enjoy!