If you missed it: “A” is for Accountability “B” is for Business “C” is for Cybersecurity “D” is for Data And “C” is NOT for compliance. Why not? The simple answer is: Compliance is NOT information security despite what people may think. Judging from how many organizations treat compliance and information security like they’re the same, they’re not. People must be confused. Compliance has never…
The words we use make a difference. They make a difference in what we do, how we communicate, and our overall effectiveness as information security professionals. This may seem basic for you, but it’s important to recognize not everyone is an “expert”. Unless you only work with people like you (experts), you’d better master the application and communication of these basics. Despite wanting “D” to…
Cybersecurity is NOT the same as information security. Different words, different things. What is “Cybersecurity”? In order to fully appreciate the difference between information security and cybersecurity, we need to define both. Information Security The workable definition of information security that I’ve used for a decades is: Managing risk to unauthorized disclosure, alteration, and destruction of information using administrative, physical and technical controls. This is…
Well, it’s already mid-October and the election is 21 days (three weeks) away. Things have never seemed crazier or more divided, at least not in my lifetime. Good fodder for discussion in episode 101 of the UNSECURITY Podcast! Work-wise things are also crazy, but good. Fourth quarter is always nuts for an information security company, and doesn’t matter is it’s consulting (FRSecure) or SaaS (SecurityStudio)….
A business is in business to make money. You and me? We’re in the business of living life. Don’t forget either of these points, now or when you’re doing your (information security) work. Personally, I get messed up sometimes, thinking I’m in the business of securing/protecting everything under the sun, forgetting to live life. Protecting information is a good thing, even a great thing, but…
Hard to believe that this is episode 100 already! I’ll have to write a recap of the journey sometime soon. Crazy things all over the place here at FRSecure and SecurityStudio. If you’ve been an information security consultant, or if you know one, you know that 4th quarter is a crazy time of year. Turns out, COVID-19 and 2020 is NOT the exception. We’re happily…
Information security ABCs – An exercise in the fundamentals and basics of information security for everyone. Accountability the state of being accountable, liable, or answerable. This is where information security starts. If accountability were better understood, agreed upon, practiced, and enforced, we’d have much better information security. Who’s ultimately responsible for information security in your organization? This is a question I’ve asked 100s of organizations…
Happy Tuesday! Here we are again, and lots going on… The big news (sort of) is the first presidential debate is tonight. I wonder how many people will tune in. Personally, I’m not sure if I will. We’ll see. A few weeks ago my wife asked me to watch the social dilemma with her on Netflix, so I did. I’d heard about the documentary/movie from…
Here we are again, another Tuesday, and another episode of the UNSECURITY Podcast! Tons going on, as usual. Last week we released a couple new FREE things at SecurityStudio: Work From Home Security Policy Template – Located at the bottom of our S2Team page. If you don’t know what S2Team is, you should definitely take a look. If you just want the template and don’t…
Good morning! Happy Tuesday! Thinking Brad is back again this week. I dig that because I dig Brad! Last week, Brad was out feeling sick. This led to a solo recording of the UNSECURITY Podcast; go check out episode 96 if you want to hear me do my most awkward podcast yet. Busy, Busy, Busy We’ve been very busy around here, and it sounds like…