You can't secure what you don't acknowledge.SM

Friday, May 24, 2013

Quoted in the Wall Street Journal this week

I was quoted in the Wall Street Journal (Tuesday May 21 edition)...it's a piece written by Gregory Millman talking about how senior executives are often at the root of information security problems. Check it out:

Corporate Security's Weak Link: Click-Happy CEOs 
Top Bosses, Exempt From Companywide Rules, Are More Likely to Take Cyber-Attackers' Bait

As I've written in the past, this is a big problem in businesses both large and small based on what I see in my work:

The BYOD Security Loophole


What to do when the CIO gets in the way of enterprise IT security

Tuesday, May 21, 2013

The next time you're feeling bullied...

Ever have a psychopathic executive (in IT or otherwise) try to force you to do something you simply can't support, railroad you down the wrong path, or attempt to make you feel inferior? You're not alone - I see and hear about this a LOT. There are many people pretending to be leaders who are simply insecure in their jobs so they try to flex their muscle to put up a "strong and capable" facade. Ironically it does just the opposite.

Well, when it happens to you, listen intently (people love that) but keep this bit from Henry Wadsworth Longfellow in mind:

"He that respects himself is safe from others; he wears a coat of mail that none can pierce."


Much of what we do in IT and infosec is merely playing the game of politics. If you understand people and why they act the way they do (it's all based around self esteem), you can simply play along and attain some semblance of peace at work.