Security pros should listen with their heads, not their hearts
by Brian Honan - CEO BH Consulting - Tuesday, 19 February 2013.
3. Communicate proactively and clearly to senior management and the business. Whenever you see news headlines that will raise questions at senior management level, make sure to put your context on that story and highlight what you have in place to prevent it impacting on your organization. Communicating regularly with the business will also cement you - and not the media - as the trusted source for information security news.

4. Ask questions! Every time you hear a vendor, a conference speaker or read an article that makes statements without providing context or gives statistics without providing the data, ask yourself what are they trying to achieve? Don’t be afraid to challenge these sources and get clarification on how they are using data to support their arguments. Always ask why.

5. Finally, let’s work together and share information on how we can better protect our networks, systems and data. If you’ve managed to successfully implement a solution to a particular problem, share it with your peers. Post it online in a blog post or as a white paper. Consider li presenting it at a conference. It need not be a major conference - start with your local chapters of ISSA, ISACA, ISC2 or OWASP.

Our job as information security professionals is a challenging and exciting one, but let’s make sure the work we do is based on facts and logic and not on hyperbole and headlines.



Brian Honan is an independent security consultant based in Dublin, Ireland, and is the founder and head of IRISSCERT, Ireland's first CERT. He is a Special Advisor to the Europol Cybercrime Centre, an adjunct lecturer on Information Security in University College Dublin, and he sits on the Technical Advisory Board for a number of innovative information security companies. He has addressed a number of major conferences, he wrote the book ISO 27001 in a Windows Environment and co-author of The Cloud Security Rules. He regularly contributes to a number of industry recognized publications and serves as the European Editor for the SANS Institute's weekly SANS NewsBites.

Spotlight

What can we learn from the top 10 biggest data breaches?

Posted on 21 August 2014.  |  Here's a list of the top 10 biggest data breaches of the last five years. It identifies the cause of each breach as well as the resulting financial and reputation damage suffered by each company.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //