Security isn't just a tech issue. If you go into thinking your gear is your security program, you're leaving yourself open to hurt. Tech toys can't solve all security problems.

A lot of the obvious problems can be mitigated with simple configurations and preventative controls.

You need to consider the following:

  • Communication across all employees
  • Risk analysis beyond the management of traditional insurance or even project management
    • There's also a level of risk acceptance, including straight up ignoring it
  • Frameworks (like NIST CSF or Microsoft Operation Framework), data regulation, or compliance issues

Think beyond the hacking and administering part of information security. You can have strategic plans with

  • Information security management
  • Information security consulting
  • Information security analytics
  • Disaster planning and recovery

Don't look for a one-size-fits all solution to solve all security problems. You can however, go a long way involving your people.

Pin It on Pinterest