the State of Security
Communicating the value of Information Security – Part 2

Communicating the value of Information Security – Part 2

by Dwayne Melancon

Last week, I shared the first part of my learning about best practices for connecting InfoSec activities to the business. In part 2, I talk about the value of knowing your business.

Read More

Are your security people lying about the impacts? Probably, but not on purpose.

by Shawna Turner-Rice

Security is a complex, often nuanced, topic. Today there’s a lot of subjectivity in 100% security oriented discussions. Business people like non-squidgy objective numbers. To make security investment decisions, security people have to sell their area to the business; which means speaking their language. As a consequence, security people are often trying to make objective [...]

Read More
Communicating the value of Information Security – Part 1

Communicating the value of Information Security – Part 1

by Dwayne Melancon

Earlier this year, I began writing about my project relating to “connecting security to the business.” Essentially, I want to find repeatable methods to help information security people communicate the business value of their activities to non-technical audiences. Starting today I’ll be sharing some of the things I’m learning on this journey.

Read More
Do We Need Information Security Outlaws?

Do We Need Information Security Outlaws?

by Adam Montville

I have to admit that I am an addict.  I’m addicted to the FX program, Sons of Anarchy.  The SOA is a motorcycle gang club operating outside the law in a small California town called Charming.  The local police chief is in the club’s pocket, as is a particular county sherif’s deputy.  The citizens of Charming [...]

Read More
Interesting security reading

Interesting security reading

by Dwayne Melancon

I’ve been reading couple of security-oriented books lately, and liked them enough to talk a little about them here. If you like to read, I have found two books that are great reads, which you can easily fit into your mood — serious or casual.

Read More
20 of the Best IT Security Lessons Ever Learned

20 of the Best IT Security Lessons Ever Learned

by David Spark

After working in information security for many years, we’ve come to understand that change is infosec’s only constant. Systems, people, and the secure state of your company, the network, and its data are always in flux. To keep up with the IT security’s ever-changing nature, we reached out to experts and practitioners to see if [...]

Read More

← Previous Entries

Next Entries →