If you’re a security professional who’s regularly telling IT and the business side what they’re doing wrong with security, you’re doing it wrong.
That’s what John Peronti, president of IP Architects LLC, told attendees at Interop New York last week. “They have no incentive to spend time with you if you [only] tell them what they are doing wrong,” he says. Security pros should serve as risk advisers to the company, he says.
“As security people, we are better at talking about threats and vulnerabilities than we are about risk,” Peronti said. But it’s time to shift that mindset, he says, and to embrace the security risk profile approach.
SOURCE: darkreading.com
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Chat systems such as Slack and Teams need to be…
“This is a sophisticated phishing scam that will catch out…
“Cybersecurity is increasingly complex, in part, due to the interconnected…
“Unfortunately, time and time again we see NGOs, hospitals and…
As I have always said - it is verified trust…