Read moreDoveryai, no proveryai (Trust, but verify).
Questions to Answer for Writing Proper Documentation
There's a trend in bringing in outside personnel to assist with documentation efforts. IT departments know they lack proper documentation and lack the time to concentrate efforts on documenting their systems. So it's understandable to want to hire specialists who...Read moreWhen entrusted to process, you are obligated to safeguard.
Goals of Information Technology Support
A few months ago I was casually discussing roles of IT personnel with a law enforcement professional. This discussion was rather short as we were only briefly going over the scope of duties. However, the discussion got me thinking about how much security is integrated...Read moreGive a man an audit and he will be secure for a day. Teach a man to audit and he will be secure for the rest of his life.
Exploring Policy Format Tips
We kicked off the exploring series by taking a look at policies. We started with recognizing policies as a major type of documentation. We moved into the importance of having policies. Then we took a look at how a policy is created and effected. In order to wrap up...Read moreInformation security is an economics problem.
Exploring the IT Policy Creation Process
We've reviewed policies as a major type of documentation and why having policies are very important. Now, let's jump into a brief overview of how a policy is created and effected. The IT policy creation process is as follows:...Tales From Cybersecurity Leader Bios
I'm still reeling off the high from the annual Security Congress put on by (ISC)² a couple weeks ago. As I calm down, I'd like to review a few highlights from a few of the speakers. Join me as we go through a few cybersecurity leader bios, they have a few good...Read moreSecure is an adjective, so it’s subjective to owner’s risk acceptance.