Wednesday, April 8, 2026

Sermon - TLIS - 1.1.7 - Security Frameworks

Sermon - TLIS - 1.1.7 - Security Frameworks

Proverbs 11:14
For lack of guidance a nation falls, but victory is won through many advisers.

1 Corinthians 12:28
And God has placed in the church first of all apostles, second prophets, third teachers, then miracles, then gifts of healing, of helping, of guidance, and of different kinds of tongues.

Psalm 25:5
Guide me in your truth and teach me, for you are God my Savior, and my hope is in you all day long.

Jeremiah 33:3
Call to me and I will answer you and tell you great and unsearchable things you do not know.


I know. I'm talking about security frameworks, and you are thinking that the only framework that we need in the Christian life is the Bible.

That just shows that you don't know what frameworks are.

First of all, I suppose I should talk about what policy is. Once again, you think you know what a policy is, and you don't. You think that the bible is a policy guide book. Well, no, the bible is way too big to be a policy guide.

Yes, you have policy guides probably at your work, probably for any organization that you belong to, and probably your church even has one or two policy guides. They are great big thick fat documents, just like the Bible. You think that the Bible is a policy guide.

No, it's not.

First, there is the actual policy. The policy, for the Christian life, probably boils down to:
1. Love God
2. Love your neighbor
3. Spread the gospel

That's it.  Policy is a lot shorter than most people think it is.  The actual policy is more like what people tend to think of as a mission statement.  The shorter you can make it, the more focused you can make your policy.  So God wants us to love Him, and then to love our fellow man, and then to spread the good news.  To everyone.  Policy is the foundation. The barest fundamentals.  It defines what the enterprise considers valuable, and the goals and objectives.  But I did say "policy guide."  That does tend to contain other documents like our standards, our baselines, our procedures, and some guidelines.

Guidelines are where frameworks come in.

COSO is an acronym that stands for Committee Of Sponsoring Organizations which is itself a an abbreviation of the Committee of Sponsoring Organizations of the Treadwell Commission.  The Treadwell Commission was formed in response to the financial crisis of 1980, after financial institutions had been very busy selling junk bonds to people who then lost their life savings.  That started a problem with the financial institutions not being able to sell anything to anyone because nobody trusted them and therefore they were losing money.  So the Treadwell commission was formed in order to figure out how to convince people that financial institutions were safe people to deal with.  In other words, they wanted to figure out a way to lie to people.  This was an absolutely cynical project from start to finish.  The entire intent was to get people to trust organizations which had demonstratively proven themselves to be untrustworthy.  I very much doubt that anyone intended it to ever make any change in business management at all.

But the result was very good.  This is one of the "breakdown" frameworks.  Breakdown frameworks mean that instead of trying to improve your entire business all at once, or to protect your business all at once, you break it down into small sections, and then try to protect and improve each individual section.  Later on you can try and address overall problems of the whole institution, which is probably going to be informed by the breakdown that you have done and the protections that you have put in place at lower levels.

We can use breakdown models in our own Christian life.  Instead of trying to improve yourself all at once, which becomes a huge and impossible task, you instead take a section of your life and examine it carefully, looking for flaws or areas of improvement.  For example, instead of trying to address everything in your life, first of all address, for example, your reading of the Bible.  Find a time that works for you, and an amount of time that works for you, and figure out how many chapters of the Bible you could likely read in that time.  Then set yourself a quota of reading two chapters of the Bible per day.  If you keep this up every day, it will take you two years to read the entire Bible, cover to cover.

Then there are the checklist frameworks.  Generally speaking, in security I call these the 135 checklists, because most of them have approximately 135 items on them.  Possibly 133, or 138, but within a few numbers of 135.  It is astounding how consistent this has been over time.  These checklists have fallen out of favour and haven't been updated in about a decade, but recently GDPR set up the accountability standard, and they came up with a checklist.  It had roughly 135 items on it.

In the Christian life, our checklists tend to be smaller.  Generally speaking, we would go for the Ten Commandments.  Ten items.  So there's a checklist that you can go through and figure out whether or not you're doing well.

However, that's certainly not the only one.  You will find books with a dozen steps to this, or twenty steps to that, or seventeen items to consider with regard to your faith.  Use these checklist frameworks to address different areas of your Christian life and improve things.

One common category of frameworks in the security world are the maturity models.  Maturity models usually have five or six steps to them, and see how mature they organization is.  This does not mean how long you have been in business, but rather how well you manage your systems and your overall performance on an ongoing basis.  This is quite useful if you use it properly.  The big mistake that people make is to say okay, we are at the first step.  We want to get right to the top level here.  The big lesson with maturity models is that you have to take it one step at a time.  There is no point in being at a chaotic level, and try to go to a fully managed level right away.

That lesson is directly applicable to our Christian lives.  We cannot reach perfection immediately.  We have to take each imperfection in our lives and try to address it separately.  And we have to ensure that we do not expect, once we have addressed something, to never fail in that area again.  Forgive yourself, in the same way that God forgives you.  Try, but do not expect yourself to be perfect.

Certain types of security frameworks come from business management frameworks.  There is one that I find particularly useful called the Balanced Scorecard.  The point is to have you assess yourself in your business in four different business areas.  The intent of doing so is to find out where your business is not the strongest, but the weakest.  Then concentrate on improving that particular aspect of your business.  That way, you improve the weakest link in the chain, as it were, and make a greater contribution to improving your business overall.

This is directly applicable to our Christian life.  Look at your Christian life.  Yes, take note of where you are strong, but pay particular attention to areas where you are weak.  Do you fail to read the Bible regularly?  Do you have inconsistent prayer time?  Do you fall down in the areas of volunteer work, or contributing to charity, or the church itself, or to other charitable donations?   Have a clear-eyed viewpoint and look at your Christian life.  Where are you the weakest?

That is the area to concentrate on.  Remember that our adversary is not going to attack us at our strongest.  As I have said elsewhere, our adversary is not going to play fair with us.  They are not going to attack the area where we expect it and have protected ourselves.  They are going to attack us at our weakest.  Attack an insufficient prayer life.  Attack a weakness for alcohol or a wandering eye.  We need to concentrate on the areas of our life that open us and make us vulnerable to attack.


Theological Lessons from Information Security

Sermon - TLIS - 0.2 / 47 - Integrity/Robert Slade is a world renowned speaker

Sermon - TLIS - 1.1.3 - Functional and Assurance Requirements

Sermon TLIS - 1.1.5 - "Footprints" and key performance indicators/metrics

Sermon - TLIS - 1.2.1 / 34 - Edit, Audit, Prophet

Sermon - TLIS - 1.5.1 - Manage Everything

Sermon - TLIS - 1.7.1 - Organizational Roles and Body Parts

Sermon - TLIS - 9.8.5 / 73 - Muster station, safe and secure

Sermon - TLIS - 10.3.1 - Intellectual Property

Sermon - TLIS - 10.5.1 - Privacy

Sermon TLIS - 10.6.1 / 54 - Liability and Negligence




Posted by at No comments:

Sermon - TLIS - 1.1.3 - Functional and Assurance Requirements

Sermon - TLIS - 1.1.3 - Functional and Assurance Requirements

Psalm 34:8
Taste and see that the Lord is good; blessed is the one who takes refuge in him.

Hebrews 11:1
Now faith is confidence in what we hope for and assurance about what we do not see.


Business doesn't really like security.  I really don't know why.  If you are a manager in a business, you manage two things: people and risk.  In security, we manage risk; therefore, we do half of what managers do.  You would think they should understand what it is that we do and how necessary it is, but so often we, in security, are considered to be "the knights who say no."  We put up barriers to prevent people from getting hurt, or doing something wrong, or getting into trouble, and people see our barriers as preventing them from actually doing their jobs.

When we want to talk about security requirements, the requirements that we have in the field of security, really what we are talking about is the requirements that the business actually has.

But when we get down to the specifics in terms of security requirements, we break them down into two types.  The first is the functional requirement.  That is what you actually want to have done: the actual tool.  For example, maybe we want to prevent viruses from getting into our computers and wreaking havoc.  We want an antivirus scanner.  That is the functional requirement: scanning for viruses and preventing them from getting into our systems.

But then we have a second type of requirement. The assurance requirement. The assurance requirement is a little bit more abstract, but it's the kind of thing that asks the question: Is the tool working? Is the tool actually doing what you want it to do? Is the tool being effective at what it was originally designed or purchased to do?

In terms of the Christian life, one might see an example like this.  The functional requirement is salvation.  God has provided our salvation.  We are saved.  We are not going to be punished in eternity.  We will be with God in eternity.  That is the functional requirement.

And what is the assurance requirement there?  Well, faith.  God has said that we are saved, and we take him at his word.  We have faith.

Hmmmm.  There might be a few problems with that assurance requirement.  Are we really sure?

In the security world, we might want a requirement with a few more metrics to it. For example, in our virus scanner example, we might want the virus scanner to report how many viruses have been caught and held. As a matter of fact, maybe we will ask the scanner to quarantine the viruses so that we can examine them at some point and ensure that they were, in fact, viruses.

In the Christian world, we rely on the fact that God is always with us.  Now, yes, that's a fact, but it may not necessarily be perceptible.  Yes, there are those fortunate people who feel God's presence at all times, particularly when times are tough.  But that's never been my experience.  And when you are a grieving widower, and a depressive, to boot, it might be nice to get something a little bit more substantial every once in a while.  Faith is good.  Hard to hug, though.

I came up with another example of functional versus assurance requirements during the pandemic period.  When you go to a restaurant, or a fast food place more likely, you will notice the signs saying that hand hygiene, hand washing, was a requirement for all employees.  This, of course, is to prevent infections.  It's to prevent spreading disease.  I suppose that's why this occurred to me during the pandemic.

The functional requirements are that people have clean hands when they're handling food.  In terms of hand washing, though, the assurance requirements really aren't there.  If it's a fast food place, yes, you can see the signs displayed saying that employees must wash their hands, but you don't see them wash their hands.  They probably wash their hands in the washroom.  That's out of sight to you.

But in some of the fast food places, you will actually see the employees, while they are preparing your food, wearing plastic gloves.  You can see the gloves.  You can see that they prevent the employees from touching the food.  So you can tell that there is not going to be any cross-contamination.  You can also see that the employees, when they are finished with your sandwich and move on to the next sandwich, strip off their gloves and get a new pair.

An optional requirement, that of preventing cross-contamination and infection and disease, is the same in both cases.  But in the case of hand washing, we don't have any assurance requirement.  In the case of the gloves, we do.

(It's possible that you could get a similar visibility with regard to the hand washing if the hand washing station was, in fact, out front and visible to the public.  That might possibly be off-putting in other ways.)

In a similar way, if our church has a program of hangout food to the homeless, that is the functional requirement.  However, we could have an assurance requirement, if we also had a kind of drop-in facility for the homeless.  If we staffed it with volunteers from the church, who are willing to actually talk to the homeless people who came in, then we could check to see if, in fact, they hand out to food where it is appreciated and did in fact make some difference in their lives.

Another example of security requirements from the pandemic was the question of masking in schools, and particularly elementary schools.  Now, initially, it was felt that masking was a major requirement in school.  After all, all teachers (and I know because I'm one), feel that children are little infection factories.  They catch everything that's going and then they spread it everywhere.  They are little germ spreaders.  So the functional requirement was, yes!  We should have masking in schools!  All kids in schools should wear masks!  At all times!

And then we started to figure out that kids didn't wear masks in schools all the time.  And particularly they didn't wear masks on the way to and from school, walking and talking in groups with their friends.  There was even a meme that did the rounds noting that kids actually swapped masks!  (Swapping face masks is not an ideal way to prevent airborne infections.)

Now, the insurance requirement, in this particular case, was detailed contact tracing.  Figuring out when new cases arose and where they got the infection from.  And lo and behold, it was determined that, quite contrary to what all of us as teachers thought, there was actually surprisingly little infection spread in the school environment.  Almost none, in fact, in comparison to the transmission vectors for the rest of the pandemic.

So, what are our Christian requirements?  What are the functional requirements, and associated assurance requirements?

Well, we have the requirement to love our neighbor, and we try to fulfill that requirement.  We have, for example, ministries to the homeless.  There are a number of churches in town who go to the homeless population.  They attempt to provide some sustenance and support for the homeless.  Possibly this is in the form of a bag lunch.  In one case, there is another church that makes up sandwiches and distributes them via the Salvation Army's Community Response Unit truck.

But where is the assurance requirement?  Where is any indication that the sustenance is actually going to the homeless?  Well, I suppose you are directly handing the sandwiches or bags to the homeless.  How do we know that this is effective?  How do we know that this is actually addressing a need?  Handing out a sandwich is one thing, but are we stopping and talking to these people?  Do we talk to them long enough to find out, really find out, more than just a quick expression of gratitude so that they will get another sandwich next time, that this addresses a need that they have.  Do they need sandwiches?  Do they need something else?  Do they need clothing?  Do they need to contact a friend or a family member?  Do we even know?

We have other types of service that we do, that have specific functional requirements.  For example, there are those who go on vacationary trips, building schools or other facilities for people in third world countries.  We need to have some kind of follow-up and feedback from those in those countries to ensure that we what we are doing what we are building is in fact of use to them.

Do we want to know?  Is *our* assurance requirement that we remain in ignorance, so that we can assume that we have fulfilled the functional requirement?

On one occasion in our downtown, an acquaintance noticed a discarded piece of clothing.  With much disgust, he asserted that that was ingratitude for you.  He was associated with a program that handed out clothing to the homeless.  Now here was one of their pieces of clothing, lying, discarded, as if it had no value whatsoever.

The thing is, it was wet.  What use is wet clothing to the homeless?  It will not keep them warm.  As a matter of fact, it's a danger.  Wet clothing will leech away heat faster than if you are even stark naked.  And why should they carry wet clothing around with them?  Once again, that's a danger.  Wet clothing is going to wet the dry clothing that you are wearing.  Once again, you risk hypothermia.  And, in any case, where is a homeless person going to be able to dry a piece of wet clothing?

In this case, the security requirement wasn't clothing; it was warmth.  And there was no assurance requirement that assured us that the clothing would remain dry.

As I said, a lot of people in business consider that security is something that can be discarded as unnecessary.  In church we need to present in the same way as security people, constantly reminding people that we, as security, are there to support the business.  Our objectives are their objectives.  We are there to help them.

In the same way, with the church, what is the church there for?  Who is the church there to help?  What are the objectives?  And then, what are the assurance requirements that let us know that the functional requirements are in fact being met.  We need to know that our functional requirements of teaching are getting through to the congregation.  We need to know that our functional requirements of supporting them, in their endeavors, are followed up by assurance requirements in terms of either pastoral care or small groups, where we get to know what their requirements for support are.

If we don't, we could just be wasting everybody's time.


Theological Lessons from Information Security

Sermon - TLIS - 0.2 / 47 - Integrity/Robert Slade is a world renowned speaker

Sermon TLIS - 1.1.5 - "Footprints" and key performance indicators/metrics


Sermon - TLIS - 1.2.1 / 34 - Edit, Audit, Prophet

Sermon - TLIS - 1.5.1 - Manage Everything

Sermon - TLIS - 1.7.1 - Organizational Roles and Body Parts

Sermon - TLIS - 9.8.5 / 73 - Muster station, safe and secure

Sermon - TLIS - 10.3.1 - Intellectual Property

Sermon - TLIS - 10.5.1 - Privacy

Sermon TLIS - 10.6.1 / 54 - Liability and Negligence



Posted by at No comments:

Tuesday, April 7, 2026

My view


My view on a 4000 mm lens:





Posted by at No comments:

Sermon - TLIS - 0.2 / 47 - Integrity/Robert Slade is a world renowned speaker

Sermon - TLIS - 0.2 / 47 - Integrity/Robert Slade is a world renowned speaker

Micah 2:11
If a liar and deceiver comes and says, 'I will prophesy for you plenty of wine and beer,' that would be just the prophet for this people!

Exodus 20:16
You shall not give false testimony against your neighbor.

Jeremiah 5:1
Go up and down the streets of Jerusalem, look around and consider, search through her squares. If you can find but one person who deals honestly and seeks the truth, I will forgive this city.

Deuteronomy 32:17
They sacrificed to false gods, which are not God— gods they had not known, gods that recently appeared, gods your ancestors did not fear.

Jeremiah 23:32
Indeed, I am against those who prophesy false dreams,” declares the Lord. “They tell them and lead my people astray with their reckless lies, yet I did not send or appoint them. They do not benefit these people in the least,” declares the Lord.

Micah 6:11
Shall I acquit someone with dishonest scales, with a bag of false weights?


I am a security maven.  A specialist in information security, or computer security.  Most people think that this only deals with confidentiality, which most people think of as privacy.  (And I've dealt with that, in a sermon, too.)  But no, that is too small an understanding of the field.  We are also very big on integrity, so I am very big on the truth.  In a certain enterprise that I used to teach for, they were very big on claiming that the entirety of security could be summed up in the CIA triad: Confidentiality, Integrity, and Availability.

What is integrity?  Reliability.  Consistency.  Honesty.  Integrity means things don't change.  God is consistent.  God is faithful.  God is unchanging.  So God has integrity.  Of course, in reality God *is* integrity, and the characteristic of God that means that he is unchanging, and always the same, is what we have called the quality of integrity.

Let me be honest with you.

No, really.  I know that it's hard.  We really don't like honesty.

Okay, already I've offended you.  I've said that we really don't like honesty.  You think that that means that I'm assuming that you guys are lying all the time.  That's not what I'm saying.  We don't just lie as a matter of course, or for the fun of it, but very often we can't handle too much honesty.  Job says that honest words are painful, and we have the saying that "the truth hurts."

What is honesty?  Well, I suppose we have to start with dishonesty, with falsity, with lies, with deceit.  In the Ten Commandments, the one that we generally think of as "don't lie," actually says you will not give false testimony against your neighbor.  In court.  In the Hebrew language and culture, lying wasn't simple lying as much as it was a very legal concept.  You were not to be a false witness.  You were to be a true witness.  An honest witness.  It was as if every word that you said was testimony in court.  You don't give false testimony.  You are a true witness.  You are honest at all times.

(I find it very interesting that the Hebrew focus and emphasis on the legal aspect of witness is reflected in the Nuu-chah-nulth language and culture as well.  Witness is a very important concept among the First Nations who inhabited the area around Port Alberni.  Even in cultural meetings, it is a traditional practice to hire a couple of witnesses to officially remember the event.)

And the primacy of honesty in Jewish culture extended to business.  Very often, statements about falsity are tied with statements about false weights and false measures.  You are to have a true weight, a true measure of volume, true scales.  When doing business deals, you are to ensure that the measurements are sound, correct, and do not change.  There is integrity in your measurements, and, by extension, in your business dealings.  You are an honest broker, an honest businessman.

And it extends to religion as well.  You are not to have any other gods.  You are not to worship idols.  Yes, occasionally God says that he is a jealous God, but primarily other gods are known as *false* gods, false idols, which, in fact, is true.  There are no other gods besides God.  Therefore all other gods, all other idols, are false gods and false idols.  They are not true.  God is true.  God is the truth.  Our God is the God of truth.  Honestly.

That's how important honesty is.  Paul said that either our message is true, or it is utterly and completely worthless.

God extended the concept of truth and honesty to the prophets.  A prophet who said, in God's name, things that God had not commanded him to say was to be put to death.  False prophets were a danger.  False prophets could seriously deceive the people as to what it was that God wanted them to do.  So prophets were to be tested.  And the false ones were to be rejected.  False prophets contaminated God's truth.

We need to be honest with each other.

We are all too willing to accept little white lies.  You know, not really lies, just glossing over some rough spots, making it easier for everyone to get along.  Well, sort of promoting.

We do it all the time in resumes and sales pitches.  We have to.  Everybody else is going to do it, so if we don't, we're left out.

Recently I was given a date for a presentation on the topic of generative artificial intelligence to a group that I knew would want a bio.

I hate writing bios.

I hate *listening* to bios, for that matter.  They always seem to be full of stock phrases and puff pieces, and rather short on actual facts or reasons that I should listen to this particular person, who is doing this presentation not out of any particular interest in or insight into the topic, but as a means of reaching for the next rung on the ladder of fame and success.

I hate doing them, on myself.  So, I thought it would be amusing to have genAI write a bio of me.

All three systems wasted an awful lot of their word count on what could primarily be called promotional or sales material.

It is nice to know that I am renowned, with a career spanning several decades, have made significant contributions to the field of cybersecurity, authoring numerous books and papers, with a solid foundation for my expertise, I'm influential and my publications have served as essential resources for both novices and seasoned professionals, I give engaging presentations, and my ability to demystify complex security concepts make me a sought-after speaker and educator, with a career marked by significant achievements and a commitment to advancing the field of information security, my work has been instrumental in shaping the understanding of digital threats and has left an indelible mark on the information security landscape.  My legacy serves as a testament to the importance of dedication, expertise, and innovation in the ever-evolving landscape of information security.

You will note that none of these claims are really verifiable, and so they are also basically unchallengeable.

Do we want to produce this kind of material, for any reason?  Is this not the slippery slope to the post-truth world in which we live, where major figures are able to lie, blatantly, provably, without regard or interest in whether or not people are going to be able to say that is a complete and utter lie?

But we keep on doing it.  Very often just to show ourselves in the best possible light.  Following the success of the Chemainus Mural Project, many other cities and towns followed suit.  Port Alberni is no exception.  We have a number of murals around town, with a variety of themes.  One in particular is interesting.  It seems to have wanted to portray Port Alberni in a light other than that related to the beautiful outdoors and the First Nations culture in the area.  So it decided to concentrate on the industrial heritage.  Or, perhaps rather, what it *hoped* that the industrial heritage might be.  There are a number of industrial activities that appear on the mural that have almost no connection to Port Alberni at all.  There is no open-pit mine in, or anywhere near, Port Alberni.  There are a number of farms in the area, and I assume that they make money, or at least maintain themselves, but there is no industrial-scale farming going on in the area.  There is no managed forest in the area. I suppose that the industrial factories, shown sitting on the waterfront, are just slightly a bit out of date.  But the offshore oil rig never operated here, and, in fact, only visited once in order to fill up with fuel.

Some of you probably know that it's not a good idea to ask how I am.  Because I don't like the fact that if I give you the answer that you expect, fine, I'm lying to you. In fact, I'm even saying that you are not important enough for me to tell the truth to.

In fact, you are lying by even asking the question.  It isn't actually a question.  "How are you" is not a question.  You don't want the answer.  I tend to say that how are you is SYN/ACK.   In communications technology, if you want to communicate with another device, you send a synchronization request.  SYN.  If the device in question is capable of communication, it responds with an acknowledgement: ACK.  That's what "How are you?" is.  SYN.  The expected response is "Fine."  ACK.

But I'm not fine.  Gloria is still dead.  I am a grieving widower.  I am also a depressive, going back six decades.  In addressing these problems, one of the things that I tried to do was to become the only pedestrian in town and walk everywhere.  But, about a year and a half ago, suddenly my energy completely disappeared.  To the extent that, if I walked away from my house, I was afraid that I would not have the energy to get back.  I can't go walking anymore.  I'm not fine.  My life is terrible.  That's what you need to know if you want to know how I am, but you never wanted to know how I am. And you never wanted to know that, in any case, and that's too much information.  TMI.  SYN.  ACK.  The words "how are you" are just SYN.  Like a prompt to a generative artificial intelligence chatbot.

So, when people ask how I am, do I just say "fine"?

This presents me with a problem.  If I say that I am fine, I am lying.  If I say that I am fine, I am saying that you are not worth telling the truth to.  I am *not* fine.  I am damaged, I am in emotional pain, and I am exhausted from trying to carry on with life, with what any normal person would consider normal day to day activities, which just seem pointless when your life has no meaning or purpose.  I am also exhausted from keeping a smile on my face, and not yelling at people who make stupid comments.

But, if you *don't* say fine, people don't like it.  If I say that I am terrible, I am only telling the truth.  My life is terrible right now.  I am in pain, I am damaged, and I know that I am not an attractive proposition, of any type at all.

But, as I say, if you say terrible, people don't like it.  I'm not absolutely certain why people have *such* an aversion to it.  Now, of course, all of us like to feel that we are fixers, and problem solvers, and that we can help other people.  But grief and depression are fairly intractable problems.  So it may very well be that a number of people are threatened by the fact that I say that I am terrible, and their cliched suggestions don't work.  Telling me to cheer up, doesn't cheer me up.  Telling me that God will comfort me, does not comfort me.  And so, because these cliches do not, actually, help, people may think that they are being attacked or denigrated because they have failed to solve the problem.  So, when you say terrible, and the quick fix doesn't fix, people don't like it.

Then again, the people who ask me how I am are lying too.  They don't, actually, want to know how I really am.

One of the leaders of the Christian Church in this particular area seriously proposed to me, one time, that my purpose in being in Port Alberni was to teach the Christian church and the congregants of the various Christian churches the value of openness, honesty, and vulnerability.  As soon as he said that statement, I burst into tears.  If that is, in fact, my purpose in being here, I have signally failed in the task I was supposed to undertake.

In terms of integrity, and truth, there is always disinformation.  I have talked about this information, and discord attacks, in another sermon, but there is a different point to be made here.  Disinformation frequently uses the truth, or a lot of the truth, or at least part of the truth.  After all, why lie when you can tell the truth, or part of the truth, and still mislead people almost completely?

This may sound like I'm changing the subject, but I was recently involved with a Bible study where the discussion focused largely on false idols.  Everyone was agreed that it was dangerous to follow false idols.  Everyone was agreed that hanging around with other people who worshiped false idols was risky, because you might be led into following those false idols as well.  But there's another thing about false idols.  They are sneaky.

Not that they are real.  But that false idols kind of sneak up on you.  The worship of a false or incomplete standard sneaks up on you, and then becomes a false idol.

I hope that I am not going to lose some of you at this point in the sermon, but I have to risk an example.  I was involved, a number of years ago, in planning a men's retreat.  Since men are primarily involved in work, and employment, and particularly back then, we decided that the theme of The retreat would be work.  We had a number of speakers lined up to talk about how they were able to live as Christians in their particular employment.  And we had a keynote speaker, who did an absolutely marvelous study on the Biblical basis of work and business.  It was solid, it was well prepared, it was well researched, it was supported many times over by scripture, and it was both theologically and Biblically sound.  And the guys at the retreat hated it.  Because it did not bow the knee to capitalism.  It did point out a number of injunctions that God places on us in the Bible, which are not consistent with standard business practices these days.  Capitalism is one of our new idols.  We are okay with God, as long as God doesn't mess with our business practices.

And that's only one of our new idols.  And these idols are not dressed up in gold and jewels, and identifiable as statues, but are part of our lives.  We don't recognize them as idols.

You want to know another idol?  How about the church?  No, I'm not talking about the people of God.  I am talking about the church as an institution, as a structure, as a set of policies, even as an identifiable denomination.  We talk an awful lot about the thin edge of the wedge.  Now, yes, when we talk about idols, I am suggesting that they sneak up on us, and use the thin edge of the wedge as a starting point.  And there are certain areas where we are quite willing to battle against that thin edge.  For example, anything that might, possibly, have to do with sex, we are on alert for.  Even the fact that some of you might be a little bit upset that I used that word shows how alert we are to anything in that area.

We need to be honest with each other.  Being honest with each other is a risk.  It means being open and vulnerable.  I am an information security expert.  I know that.  Giving away information about yourself to others is a danger.  The others might use the information you have provided about yourself against you.  I teach people about frauds and scams, and about how the scammers are going to use the information that they collect about you in order to deceive and steal from you.  To hurt you.  If someone knows about you, then they know how to hurt you.

But we really have no choice.  We also have a saying in security that it is better to be occasionally cheated than perpetually suspicious.  If we aren't honest with each other, then we can't have relationships.  Life is relationship.


Theological Lessons from Information Security

Sermon - TLIS - 1.1.3 - Functional and Assurance Requirements

Sermon TLIS - 1.1.5 - "Footprints" and key performance indicators/metrics


Sermon - TLIS - 1.2.1 / 34 - Edit, Audit, Prophet

Sermon - TLIS - 1.5.1 - Manage Everything

Sermon - TLIS - 1.7.1 - Organizational Roles and Body Parts

Sermon - TLIS - 9.8.5 / 73 - Muster station, safe and secure

Sermon - TLIS - 10.3.1 - Intellectual Property

Sermon - TLIS - 10.5.1 - Privacy

Sermon TLIS - 10.6.1 / 54 - Liability and Negligence


Posted by at No comments:

Sermon - TLIS - 1.7.1 - Organizational Roles and Body Parts

Sermon - TLIS - 1.7.1 - Organizational Roles and Body Parts

Romans 12:4-5
For just as each of us has one body with many members, and these members do not all have the same function, so in Christ we, though many, form one body, and each member belongs to all the others.

1 Corinthians 12:14-22,27
Even so the body is not made up of one part but of many.  Now if the foot should say, “Because I am not a hand, I do not belong to the body,” it would not for that reason stop being part of the body.  And if the ear should say, “Because I am not an eye, I do not belong to the body,” it would not for that reason stop being part of the body.  If the whole body were an eye, where would the sense of hearing be? If the whole body were an ear, where would the sense of smell be?  But in fact God has placed the parts in the body, every one of them, just as he wanted them to be.  If they were all one part, where would the body be?  As it is, there are many parts, but one body.  The eye cannot say to the hand, “I don’t need you!” And the head cannot say to the feet, “I don’t need you!”  On the contrary, those parts of the body that seem to be weaker are indispensable ...
Now you are the body of Christ, and each one of you is a part of it.

Ephesians 4:14-16
Instead, speaking the truth in love, we will grow to become in every respect the mature body of him who is the head, that is, Christ.  From him the whole body, joined and held together by every supporting ligament, grows and builds itself up in love, as each part does its work.


In discussing the gifts of the Spirit, Paul talks about the parts of the body.  He draws an analogy from the parts of the body, the various limbs and organs, and the different members of the church.  The different limbs and sensory organs, for example, have different functions that support the body's needs and operations.  In the same way, the different gifts of the Spirit, given to different members of the church, support the church's needs and operations.

In the security world, we also tend to talk about different parts of the organisation and the different functions that different people have within the enterprise.  Most would see this as rather generic: there is the management, particularly senior management, and then line management and supervisors, and then the direct line workers.  Different levels of responsibility for overall operations are discussed in terms of strategic management, tactical planning, and operational functions.

But there are additional breakdowns that we, in security, see in regard to how businesses operate.  This more detailed breakdown perhaps gives us some insight into the different responsibilities of individual Christians within the greater body of the church.

This is similar to the way that we can extend Paul's illustration of the various parts of the body, now that we know that the body is made up not merely of organs, but of tissues, and even down to individual cells.  Which, in turn, have interesting and illustrative internal structures.

Using this more detailed breakdown, we can come to a finer examination of specifically what we might request, and require, in terms of an individual Christian's responsibilities within the church.

We'll start, as is traditional, with executive or senior management.  This would be seen, generally speaking, as the role of the minister in the local church and possibly an area minister or bishop in the larger denominational structure, coming up to the archbishop, pope, or some senior moderator, at the very top of the denomination.  The very top, as wording itself seems to imply, that these people have greater importance.  As Paul points out, very correctly, "greater importance" is a pretty fluid concept.  Your brain might be considered more important than the lining of your gut, but if you have celiac disease and have just eaten a piece of bread, the lining of your gut becomes much, much more important than your brain, given the pain that inflames your intestine, and your inability to do anything else until you have dealt with that pain.

And, of course, there is that business of servant leadership.  Jesus gave us the illustration that the leader is to be one who serves.  The minister, or ministers, in the local church are those who are supporting the members of the church.  They are providing inspiration, direction, comfort, and support to the members of the church.  They are the ministers, and that literally comes from a word meaning servants.  They are ministering to the rest of the flock, the church.

My father very much liked to tell the story of a minister from a church in Quebec whom he met at a conference one time.  This particular church was very involved with evangelism, not that the minister would be going out and doing evangelism.  The illustration that the church used in this regard was that it is not the shepherd who makes more sheep.  It is sheep who make more sheep.  Therefore, the minister was the shepherd, caring for and supporting the flock.  The individual sheep were the ones who were going out and doing the actual evangelism.

Okay, who's more important now? 

The next step down in our discussion or structure of the corporate world in terms of information security is us.  The information security professionals.  There is a point that I tend to make when facilitating the preparation seminars that we tend to see ourselves as being the experts in information security.  That is, in fact, the case, but that doesn't necessarily mean that we have the final say or decision when it comes to a policy or a given activity.  Senior management hold the ultimate responsibility for the company.  Therefore, while we have a better understanding of our field, of the risks, of the tools available to us, it is the responsibility of senior management to make the actual decision.  It is our responsibility to give the best advice that we can, but we do not make the final determination.

Now how does this apply to the Christian life?  Well, one aspect of it is that, while we need to do everything in our power, and indeed have the responsibility to do everything in our power, to spread the word of the Gospel, to bring the good news, on an evangelical basis, to others in within the congregation, and particularly those outside the church, we cannot make the decision, for anyone else, to love or follow God.  That decision is for each individual to make.

In my own home denomination, that of the Baptists, one of the distinctives that we hold very dear is called "the priesthood of all believers."  That means that each individual Christian is responsibility for their ultimate decision: are they going to follow God or not?  Each individual has the right, and the responsibility, to make that determination.  And, therefore, it follows that each individual is, before God, responsible for all of their own actions.

In the case of the church, this division of responsibility works both ways.  The senior minister or pastor does not have the right to determine specific actions and behaviors that are acceptable or not acceptable for individual members of the church.  At the same time, an individual Christian who comes up with an insight or revelation has the duty to bring that to the leadership of the church, but does not hold the responsibility for ensuring that the church makes a collective decision about behavior or belief.

Within a corporate or company environment, there is a concept known as the data owner.  The data owner is the position or office that holds responsibility for a particular chunk of data or information.  For example, the data owner of the customer database is probably the sales or marketing department.  The data owner for the employee database is probably the human resources department.  The data owner can be a very individual thing.  For example, the creator of an individual document or letter is, in terms of information security concepts, the data owner for that particular file holding an individual letter, or report, or essay on a particular topic.

In terms of ensuring that information is protected in the most appropriate way, the ultimate responsibility falls to the data owner.

And I am sure that you will see that, from my previous mention of the priesthood of all believers, there would be an obvious extension of the idea of the data owner to the individual believer.  The individual believer has responsible responsibility for their own beliefs and the protection of them.

But there is an additional responsibility for the data owner and therefore for the individual believer.  Each believer is responsible to determine the level of protection.  A data owner is responsible to decide how sensitive this particular piece of data or information is.  How important it is, and how sensitive it is, has a bearing on the way that the overall company protects that information.  In the same way, the individual believer has a responsibility to educate themselves on various aspects of the Christian life.  How important is this particular belief to an individual believer?  And, as it is said, you should always be prepared to defend, to anyone who asks you, your belief in this particular aspect of the Christian faith.  That is why we have these sermons on Sunday morning.  Yes, to a certain extent, this Sunday morning service is to inspire you and support you, and sometimes even to comfort you.  But it does also to educate the individual believer.  To point out what we believe, and why we believe it.  And then there is your own study in these areas of belief.  Study of the Bible on your own.  Study of the Bible with smaller groups of fellow believers.  And of course individual and corporate prayer time to consider and meditate on the lessons you have learned out of your reading of scripture.

As the individual groups of people, with specific areas of operation and responsibility, support the overall enterprise, we note their specific provisions and responsibilities for the information that the company requires in order to operate. In the same way, there are different provisions and responsibilities, held by individual believers and members of the church, which are important to the function of the church in its overall mandate to love god, love your neighbor, and spread the good news to the ends of the Earth.

This is not to say that the leadership of the church does not have some responsibility to correct or at least attempt to correct errors.  If one of your elders is using your church's Bible study time to tell people that the reference in Isaiah to an army from the north and attacking villages that live in peace means that the end times are coming because Russia is attacking Ukraine, and that people should sell all that they have and donate the money to his organization because the end times are upon us, then possibly you should have a word with that elder.  (And possibly preach a sermon on how no man knows the hour or the day except God alone.)

Another group of people important to the information technology function in the corporate world is the technology providers.  These are the vendors, the contractors, the support people of various types in support of our business systems.  They are not really in the chain of command, but kind of come in from the side.  But they do have an important role to play, of course, and an analogue in our Christian institutions as well.

These are the faculties of seminaries, the traveling evangelists, the authors of books on the Christian life.  They are providing us with extra direction, and sometimes specific direction in a particular area, providing resources to enrich and extend our Christian life, and God's work in the world.  And there are responsibilities in regard to them as well.  As we find in frequent mentions in the Epistles, not everyone is allowed to speak in church.  The local church leadership, and sometimes the denominational leadership as well, have a gatekeeping function in terms of protecting individual believers from those who might be preaching a gospel other than the one that was preached to you.

In information security, when we provide access for contractors, the contractors have a responsibility not to abuse the privileges that we provide to them. In the same way, in regard to the local church, those from outside our congregation are providing something of value to us, but they also bear responsibility in terms of the purity, accuracy, and value to the individual believer of what they are asserting to them.

I have mentioned, in regard to the business world, the data owner.  There is an additional position and concept, which we refer to as the custodian.  This is someone who has not necessarily created a piece of information, but is holding or managing it on behalf of the data owner.  In the church, it is not reasonable to expect that any custodian is holding an individual believer's faith on their behalf.  However, the concept of the custodian is one that we should keep in mind.  Everything that is given to us is provided to us by God.  It is provided to us on the basis that we are stewards of all the provisions and resources that God gives to us.  We should always remember that we are the stewards.  Whatever we have is not our own, but granted to us by God, on the basis that we will use it for His service.

Gloria was a soloist, a wonderful singer.  She had a gorgeous and unique voice.  She knew, at the age of twelve, that her voice was a gift from God, and that it was to be used for God's service.  She kept this attitude throughout her life, despite many friends' insistence that she should use her gift, as well as in the church, in local community amateur dramatics and musicals.  She did occasionally try, but she never felt good about the results.  She was always most comfortable when her singing was directly in God's service.

In the corporate world, in terms of information security, another group is the users. The users are the ordinary employees and workers who are using the technology which we, in the person of the corporation, and also the information technology and security personnel, have provided to them.  Sometimes those of us in specialized fields have the feeling that the ordinary workers are somewhat beneath us, and that we are the ones doing the actual work.  In reality, of course, the ordinary employees and workers *are* the actual company.  We are merely an adjunct providing a specialized service.

In the same way, there is no one in the church who is "merely" a member of the church.  The church consists of all believers.  No man is an island.  The absence of any member diminishes everyone.  In the same way that the absence of an organ, or even a single cell, from a human body diminishes that body.

And all of us have a responsibility when any single cell of the body is missing.  In church, if someone isn't there one Sunday, it's quite possible you should check on why.  If that person is not there for a number of Sundays, why would that be the case?  It isn't necessary that you *not* contact another member of the church outside of the Sunday morning service.  It's quite possible to find out where they live, or obtain their phone number or email address, and check on how they are doing during the week, rather than merely on Sunday morning.

In the corporate information security world, there is one entity that is feared above all others.  This is the information systems auditor.  The auditors are seen, if we are using Christian terminology here, as the devil.  They are evil incarnate.  They are the ones who go through the battlefield after the war and bayonet the wounded.  Everyone hates the auditors.

And they are completely wrong to do so.

The reason that everyone hates the auditors is that the auditors are the people who point out your mistakes.  They are the ones who cast a critical eye over your programs, and notice where you have failed to anticipate an attack.

And they are absolutely necessary.

I write books.  I write sermons.  I write series of articles on important topics.  I write a lot of stuff.  Is anybody else here an author?  In the seminars, I always ask that question.  I ask if they can edit their own stuff.  Some people think that they can.  They can't.  I know.

I said that I write books.  Actually, I was wrong.  I *wrote* books.  I don't write books any more.  I have lost my editor.

Gloria was the world's best editor.  She was not only the best copy editor I ever met, but was able to conduct editing at all seven levels of that operation.  When I wrote my first book, she edited it seven times.  At every stage of the publication process.  I remember that when we got to the first galley proof stage, they sent me a copy of about a third of the book: 140 pages.  I sweat blood over that manuscript for eight hours, studying it line by line and word by word.  I identified twenty errors in that 140 pages of the document.  Then Gloria took over.  As I said, she was the world's best copy editor, but she also had another advantage.  She wasn't me.   She found four mistakes on the first *page*.

You can't edit your own stuff.  You can't find your own mistakes.

It's the same in the Christian life.  We need others.  We have to have others, and we particularly have to have others who challenge us.  We have to have the others that we find petty and boring.  They point out to us how little patience we have.  We have to have the needy.  They point out to us how little compassion we have.  We have to have those whose troubles are seemingly endless.  They point out to us how inconstant is our concern for others.

We need others to point out our mistakes.

Hopefully so that we can improve, and be better.


Theological Lessons from Information Security

Sermon - TLIS - 0.2 / 47 - Integrity/Robert Slade is a world renowned speaker

Sermon - TLIS - 1.1.3 - Functional and Assurance Requirements

Sermon TLIS - 1.1.5 - "Footprints" and key performance indicators/metrics


Sermon - TLIS - 1.2.1 / 34 - Edit, Audit, Prophet

Sermon - TLIS - 1.5.1 - Manage Everything

Sermon - TLIS - 9.8.5 / 73 - Muster station, safe and secure

Sermon - TLIS - 10.3.1 - Intellectual Property

Sermon - TLIS - 10.5.1 - Privacy

Sermon TLIS - 10.6.1 / 54 - Liability and Negligence


Posted by at No comments:

Monday, April 6, 2026

Sermon 81 - Sing Praise Unto the Lord

Sermon 81 - Sing Praise Unto the Lord

Exodus 32:18
Moses replied: "It is not the sound of victory, it is not the sound of defeat; it is the sound of singing that I hear."

Judges 5:3
Hear this, you kings! Listen, you rulers! I, even I, will sing to the Lord; I will praise the Lord, the God of Israel, in song.

1 Chronicles 16:9
Sing to him, sing praise to him; tell of all his wonderful acts.

Psalm 7:17
I will give thanks to the Lord because of his righteousness; I will sing the praises of the name of the Lord Most High.

Psalm 96:1
Sing to the Lord a new song; sing to the Lord, all the earth.


Music has always been part of my life in the church.  There was Sunday school.  It's rather astounding.  Some of these songs I was taught seventy years ago, and I still remember them.  And it's amazing how appropriate they are.  I remember a supposed contest at a theological seminary, where they had a summarize Barth contest.  The winning entry was, Jesus loves me, this I know, for the Bible tells me so.

Oh, I've got a million of them.  Well, probably several dozen, anyway.  And they'll still pop into my mind, at the oddest moments.

Then there were various children's choirs.  And eventually youth choirs.  Actually, I think that that is a significant advantage of taking your kids to church, and to Sunday school, these days.  They learn to sing.  (Well, not if they you just take them to church.  The praise singing that goes on in church well, possibly the less said the better, and I'm going to be talking about that in a bit.)  But children's choirs, yes.  That is training and singing in choirs.  And an awful lot of schools no longer have formal music programs.  Or, if they do have formal music programs, the students who get to be involved in the music programs are those who already *know* how to sing.  Those who know something about music.  And if you came up through children's choirs, and then youth choirs, in the church, then you know how to sing.  And you know how to read music.  At least for the purposes of reading sheet song music.  That's a big advantage in terms of getting into music programs.  And having musical experience and ability is a big advantage in getting into drama programs.  So, yes, take your children to church.  Get them into the children's choirs.  Insist that they continue on through the youth choirs.  It will be a significant advantage later in life.

Of course, when I went to church we sang hymns.  And that was an exercise in reading music as well.  The hymnals usually didn't just have the words to the hymns, but the sheet music, or at least a very basic version of the sheet music that had the four-part harmony, included in the hymnal.  Therefore, once again, you got practice in reading music.  You got practice in singing harmony.

Okay, I can't stand it anymore.  I'll have to talk about praise songs.  Praise songs, well there's two things wrong with the praise songs.  Well, maybe three.  The first is that praise songs are contemporary music.  They were written recently.  Now there's nothing inherently wrong with music that was written recently.  No, I am not going to say that nothing that was written after "Amazing Grace" has any musical quality.  Some of the stuff that is written recently is good and inspiring.  But some of it isn't.  There's a reason that the classics are the classics.  They have stood the test of time.  Music that doesn't have any particular value, hymns that don't have any particular value, fall out of the hymnals along the way.  What we get left over is the good stuff.  My absolute favorite, of course, is "Of the Father's Love Begotten."  This is not the oldest hymn that we know of.  There are passages in Paul's letters which are almost certainly recitations of hymns and praise songs that were sung in Paul's time.  So we know the words to some of these older hymns.  But we don't know the music.  "Of the Father's Love Begotten" is the oldest him that we actually do know the music.  It goes back to around 500 AD.  The song music that we have is certainly not written in modern notation, but it is enough that we know what the melody was for "Of the Father's Love Begotten."

And then there are so many hymns, that go back so far.  "Oh Come All Ye Faithful."  That's an English translation, of course.  The original is in Latin, and is even slightly older than the English words.  Adeste Fidelis.  And then of course there is "A Mighty Fortress is Our God."  Martin Luther's work.  Martin Luther was big on contemporary writing his own contemporary music and him.  He's definitely on your side in terms of wanting to have the music up to date and modern.  "A Mighty Fortress is Our God" was up to date and modern when he did it.  It's probably set to the tune of a bar room drinking song of the day.

(If you are an American, and perturbed at the mention of a bar room drinking song as the basis for the melody of one of the great hymns of the church, then you definitely don't want to know about the origin of your own national anthem.)

When I took Church history, our professor had a sing a hymn at the beginning of every lecture.  The hymns that we sang, that he chose, were often representative of the time.  That we were exploring as we went through the history of the Christian church.  And there are so many wonderful hymns.  Although, as he did point out, we do tend to sing more heresy than orthodoxy.  But yes, there are wonderful old Christian hymns, and the hymns stay with you.  There are two reasons for this: one is that you have the poetry and the music to cement the lyrics in your memory.  But the second is that songs, and hymns, and praise songs, carry a very heavy emotional content.  This tends to also cement them, very firmly, in your memory.

Anyway, you know that's the first reason why I like the old hymns.  But there's a couple more reasons that I'm not particularly fond of the prevalence of praise songs in modern worship services.

So the second reason is, well, as one of my dear old friends calls it, praise songs tend to be 7/11 music.  He uses the term 7-Eleven to indicate that these songs have the same seven words that get sung for eleven minutes.  He's right.  An awful lot of the modern praise songs have very little verbal content.  The lyrics don't really deal with a lot of theology or religious ideas.  Lest you think that I am exaggerating the idea of the same seven words being sung for eleven minutes, there is one praise song that contains, in total, four words.  And on one occasion I heard a group of young people singing this song for fifteen minutes by my watch.  I am not kidding, and I am not exaggerating.  Four words. Fifteen minutes.  I began to think that maybe they were starting up a new cult.

The third reason that I am concerned about the prevalence of praise songs in contemporary worship services is that praise songs tend to be performance songs.  These are songs that the song leaders of today here either on radio stations or in other sources of popular music.  Well, Christian contemporary music, anyway.  And these songs are written, and sung, by professional performers.  They tend to have a lot of bridges.  They tend to have a lot of interludes.  They tend to have long and varying endings, repeating sections of the lyrics that have been sung during the body of the song itself.  The thing is that they are performed.  They are performed by professional singers.  The professional singers can do a really good job of them.  Your common or garden Sunday morning congregation can't.  They are not professionals.  Not musical professionals, anyways.  And they have a hard time with the complicated rhythms, changing key signatures, changing time signatures, and other flourishes that professional singers can get away with, but amateurs can't.  So, if you pay attention, in Sunday morning services these days, you will notice that it is a performance, rather than a participation in praise.  The worship team, up at the front, are doing their best to give us solid and professional performance, as they have heard on the version of the song they first heard wherever they first heard it.  They are trying to reproduce the professional song and tone and style that was done by the professional musician.  But that's a bridge too far for the congregation.  So the praise team stands up at the front and sings, and the congregation stands, and, by and large, is silent.  Oh yes, there are some in the congregation who are trying to sing along.  They are trying to participate in worship.  But certainly not everyone.

I don't stand up to sing anymore.  I've got arthritis, and degenerating discs, and I am just, generally, old.  My legs are weak, and standing, all through the praise time, it's difficult for me.  Yes, I know, I always stood, all through my youth and middle years, singing in church.  But that's because I was singing in church.  When you are actually singing, you don't want to sit down.  You don't want to have your diaphragm and your chest compressed.  No, you want to stand.  Standing allows you full expansion of your chest, and unimpeded operation of your diaphragm.  But that's if you're singing.  Since so many of the songs the praise songs are so difficult to sing, and I don't know them anyways, and they don't have harmony for me to sing in any case, I don't sing along anymore.  So there is absolutely no reason for me to stand during the praise singing.

The church allowed me to practice music, and reading of music.  And it was undoubtedly the church, and even the contemporary music that was available when I was a youth, that got me into collecting folk songs during the 1970s.  And I sang folk songs in the coffee houses of the churches of that day.  I collected folk songs, and I collected a lot of religious folk music.  That was the style of music in those days.  I believe that, somewhere, I still have my massive collection of contemporary Christian music from those days, possibly 1,000 songs that I collected at the time.  So, once again, yes, getting your kids involved in music in the church getting your kids involved in music.  They're just aren't any other opportunities to really participate in music in our society.  Music is, more and more, performances by professionals, and listening by the rest of us.  So participation in singing in the church is important.  I'm somewhat disappointed that I don't get a chance to participate in singing in church anymore.  But we all get old.

And then of course I met Gloria.  Gloria was much more involved with music than I was.  We did sing in the choir together, at one point.  That was of course, back in the days when church is actually had choirs.  And when I say sang in the choir with Gloria, of course, what I really mean is, that Gloria and I sang in the same choir.  Gloria was in front row of the sopranos, I was in the back row of the basses.

Gloria was also the featured soloist frequently. I was in the back row with the bases. 

Gloria first appeared off stage with a solo part at the age of nine.  By the age of twelve, Gloria knew that her voice was a gift for from God and it was to be used in God's service.  She was quite well aware of her responsibilities, as a frequent soloist in the church.  She knew to develop a pleasant resting face.  In order to present a pleasant face to the congregation when she wasn't actually doing anything in particular on stage.  This became so entrenched that, when she was walking down the street, people would frequently smile at her, thinking that she had first been smiling at them.  No, not necessarily: that was just Gloria's pleasant resting face.

There were, of course, those of lesser talent who were jealous of Gloria's gift, status, and position.  However, it is interesting to note that certain people didn't want her to sing for completely different reasons.  There was one minister whom we both knew.  He had been headhunted, and recruited, from a seminary in the United Kingdom.  He was a man of status and stature himself.  I remember, myself, stocking the house for himself and his family as he was due to arrive in Canada, and including a number of items that I knew were available in the United Kingdom, but could only be found in specialty stores here in Canada.  He flatly refused to have Gloria sing in a service where he was presenting the sermon.  His explanation of this was that Gloria's voice, and her songs, were so elevating that he didn't know how to get, in his words, "people down off the ceiling," after Gloria had delivered a solo.  I always wondered about that response.  Why would you want to get them down off the ceiling?

Music is an integral part of praise and worship.  It is important to the church.  I dare say one could make the point that it is important to our Christian life, overall.  Singing solos in the church can be used to present a new point of view, very strongly.  Music, as I have noted, carries emotion with it.  It is not just the lyrics, although even the poetry of the lyrics can have its own effect.  The music itself carries an emotional component that goes beyond the mere words that we may say or recite from scriptures.  This emotional component is vitally important to our worship and our experience of coming to meet with God in the service.

Music, and the choice of music, can frequently be divisive in the church.  Once again, this is likely because music has such a heavy emotional characteristic.  People want to preserve the music that they most appreciate, whether this is the old classic hymns, or the new contemporary praise songs.  Everyone has their favorites, and wants to know that their favorites can be played as often as possible.

Hopefully we can accept the choices of others in regard to the music in the church.  After all, if we continue to insist on a steady diet of our old favorites, we may miss the opportunity to find new favorites among the more contemporary music that might be presented.  I also note that a number of the old classics are coming back.  This time presented as new, when an old hymn is presented with a new chorus or bridge, and delivered to us as an entirely new product, without realizing that it has been around, possibly for hundreds of years.

Sing praise unto the Lord.  However old or new.


Posted by at No comments:

Sermon - TLIS - 10.3.1 - Intellectual Property

Sermon - TLIS - 10.3.1 - Intellectual Property

Ecclesiastes 12:12
But beyond this, my son, be warned: of the making of many books there is no end, and much study is a weariness to the flesh.


I suppose that I should start with how much I dislike "Footprints."  Poem, poster, meme, coffee mug saying; whatever it is, I'm not really thrilled about the concept, and I have written elsewhere about that.  But it also irks me that the author has been so very aggressive in asserting her intellectual property rights.  She has sued the pants off anybody who has dared to use the piece in other commercial products.  Or, sometimes, even if they just used it in a sermon or a poster for their own church.

Now, of course, legally, she has every right to do so.  Legally, she holds the copyright, and she gets the right to decide which products get made and how much people have to pay her in order to make them.  That is copyright.  As soon as she first wrote down that piece, whatever it is, she held the copyright.  She gets to hold the copyright and benefit from it for the next seventy-five years or so.  (At least from the date of first writing it down.)  That's the law.

And, of course, I am a published author myself, and I do an awful lot of writing, and I have even had material of mine stolen and sold to a third party, without me getting any benefit from it!  You would think that I would be more sympathetic to this whole intellectual property idea.

I have taught about this subject for over a quarter of a century now, so let's consider some of the details of it.

There are four flavours, if you will, of intellectual property.  There is copyright, for when you create some piece of writing, art, music, or anything else that you create.  There is patent, when you invent some kind of device that is new and useful.  There is trademark, which refers to characteristics, colors, shapes that you might use to identify your particular product as opposed to other similar ones.  And there is the trade secret, which is some process for manufacturing or doing business which you know, but which you keep secret from anybody else, in order to keep your business advantage over everyone else.

There is an interesting dichotomy between Eastern and Western thought in regard to this issue of intellectual property.  In the Western world, we tend to come down on the side of the individual.  If you have created something, or invented something, or thought of something first, then you get to benefit from it.  Part of the benefit that you get from it is preventing, if necessary, anybody else from using your creation or device or process.  Eastern philosophy and culture think a bit differently: they believe that the community is more important than the individual.  Just because you thought of it first doesn't mean that you get to tell anybody else that they can't use it.  This created a lot of cultural clashes in the nineteenth and twentieth centuries.  Asian countries tended not to have intellectual property laws, and couldn't understand why they couldn't copy something that was widely available in the West, and, generally, sell it at a cheaper price.

Now, at this point, we should probably start looking into the Bible and see what God thinks about intellectual property.  Also, at this point, you may be starting to think that I'd come down on the Eastern cultural side of the argument and say that, as a Christian, I think that we should be thinking more about others than about ourselves.  After all, I have written elsewhere that I don't think that God is terribly interested in efficiency.  In general terms, you'd be right, but it's a little bit more complicated than that.

As I noted, I am a published author, myself.  I have been paid to write books.  I get royalties from my books.  One of my books, "The Dictionary of Information Security," had almost the entire contents of the material for the book stolen by someone who passed it off as his own work and sold it as content to some other company.

Now, possibly the reason that I am less concerned about this than the author of the "Footprints" piece is that I don't make as much money as she does.  My books don't sell terribly well.  They are for a specialized audience, and while they are respected in a particular field, they aren't exactly coffee table books for the general population.  They are never going to be turned into movies.  I am never going to be able to retire on the proceeds.

A lot of my ideas, other than books, have been stolen by other people as well.  I had an idea for a project for a major event in Vancouver, and somebody else, with a higher name recognition and a bigger position than I had, stole it, and ran with it.  They did a really terrible job at implementing it.  A similar thing happened recently, on a slightly smaller scale.  And then there are projects which other people have asked for my help with, and when I did provide assistance and worked very diligently at getting their particular project off the ground, they then abandoned it, and all my work was for nothing.

Gloria frequently asked me, on these occasions, whether I was angry at being treated this way.  Yes, it is annoying.  But, I tended to reply, what good would it do me to get mad about it?  Generally speaking, there isn't an awful lot that I could do about the situation.  Certainly nothing that would confer any benefit on me by doing it.  So getting angry about the situation only upsets my stomach, and certainly doesn't do anything to the people who are doing things to me.

And I often told Gloria that, in reality, I kind of felt sorry for the people who were stealing my stuff.  Obviously, they needed to steal my stuff, and this was the biggest thing in their lives right now.  It's not, and never was, the biggest thing in *my* life.  I have all kinds of things in my life.  I do all kinds of intellectual work.  I have taught on six continents.  I generate all kinds of intellectual content.  When someone steals one of my ideas, I will always be able to generate another one.  Other people, not quite so creative, have to steal mine.

And maybe that's where we can finally turn to a Biblical understanding of how God feels about all this intellectual property business.  God is creative.  God is ultimately creative.  God created the universe, and everything that exists.  God has endowed us with a creativity.  It may be a pale imitation of His creativity, but He does allow us to be, in a sense, creative, and to create new things.  (Even though He does say that there is nothing new under the sun.)

And then God gives it away.  God has created the world, and everything in it, and everything that we need in order to survive, live, and thrive.  He has given it to us, to hold as stewards, perhaps, but He gives it to us and allows us to do with it what we will.  God's creation was perfect, and then our sin caused it to become fallen and imperfect.  And God doesn't demand any repayment for our misuse of his creation.  Indeed, eventually he is simply going to create a new heaven and a new earth.

I am writing sermons.  Nobody is asking me to write them, and nobody is asking me to preach them.  (Nobody is paying me to write them.)  I am posting them here.  This site is freely available to anyone who wants to look at it.  These sermons are freely available.  I have no idea whether anyone is taking them and preaching them.  (And possibly passing them off as their own.)  I'd like to get some credit for the sermons if somebody does, but I'm not going to worry about chasing people down who might take these sermons and use them.  In any real sense, God has given me these sermons, and I'm just passing them along to you.  God has also provided for my material needs, so I don't need to charge anyone for these sermons.

So, actually, *I'm* in pretty good shape.  I don't need to aggressively defend my intellectual property.  I have enough for my needs, and I find the writing of these sermons, and other of my writings, intellectually stimulating work.  And as for those who steal my stuff?  Well, after all, as George Herbert said, the best revenge is living well.

As for all the research that I have to do, and then some people may steal it?  Well, Jeremiah had something to say about that "Call to me and I will answer you and tell you great and unsearchable things you do not know."  That's pretty powerful stuff.

The Bible tells us that working and creating is good.  It should even be celebrated!  The Bible also notes that merely accumulating money and treasures isn't all that great.  It is, in fact, to be avoided.  Working creatively, developing something, creating something that other people want and can use is good.  What we receive from doing it is the satisfaction of the work itself, not the money that it heaps up for us.

A couple of final words from Ecclesiastes:

Ecclesiastes 5:18
This is what I have observed to be good: that it is appropriate for a person to eat, to drink and to find satisfaction in their toilsome labor under the sun during the few days of life God has given them—for this is their lot.

Ecclesiastes 12:1
Remember your Creator in the days of your youth, before the evil days come, when you shall say, I have no pleasure in them


Sermon - TLIS - 0.2 / 47 - Integrity/Robert Slade is a world renowned speaker

Sermon - TLIS - 1.1.3 - Functional and Assurance Requirements

Sermon TLIS - 1.1.5 - "Footprints" and key performance indicators/metrics


Sermon - TLIS - 1.2.1 / 34 - Edit, Audit, Prophet

Sermon - TLIS - 1.5.1 - Manage Everything

Sermon - TLIS - 1.7.1 - Organizational Roles and Body Parts

Sermon - TLIS - 9.8.5 / 73 - Muster station, safe and secure

Sermon - TLIS - 10.5.1 - Privacy

Sermon TLIS - 10.6.1 / 54 - Liability and Negligence


Posted by at No comments:
Subscribe to: Comments (Atom)