After 10+ years in IT and 5+ in InfoSec I’ve learnt that for security initiatives to be effective, security must one of the core values of corporate culture.
Security professionals can’t achieve their greatness if they’re not being actively supported by all stakeholders across the entire organization and if other employees don’t feel ownership for the organization’s security/safety. Each time I have joined an organization, where security professionals wanted to do everything themselves, they miserably and painfully failed shortly after.
Fighting a broken security culture without any support from the top leads to burnouts for InfoSec folks and creates general anxiety, irritation and a toxic atmosphere within an organization. Continue reading “Guide into Effective Security Management”