• 03 Jun 2021

    How to network to boost your IT career

    If you asked me what the one critical element is for maintaining a successful career in IT, I’d say networking. No, I’m not talking about the Ethernet, layer 3 switch, and VLAN type of networking. Rather, I’m referring to staying in touch with existing colleagues and attending networking events (presentations, seminars, conferences, etc.) with the intent of meeting new people who can, ultimately, help you accomplish your career goals. The ...

    Continue Reading...
  • 29 Apr 2019

    I’m IT…Respect my authoriTAH!

    If you've watched the animated TV show, South Park, you'll appreciate this. I just came across an article titled The Importance of Respecting Expertise in IT Professionals by Michelle Rakoczy. It's a thoughtful and well-researched piece on why people outside of IT need to respect the guidance/opinions of IT professionals (yet often don't). In my years of information security consulting and observing human behaviors as they relate to the field, ...

    Continue Reading...
  • 16 Jan 2016

    Tips for taking your information security program to the top

    Ready to make some changes to your information security program for 2016? You need to read these pieces I've recently written:Setting and achieving realistic information security program goals for 2016 Information security's chicken and egg problemSecurity's gaping hole - policy enforcementFour reasons people aren't buying what you're selling in IT When security policies are bad for businessReacting vs. responding to security incidentsSecurity’s greatest challenge – inactionUsing what you've got to build ...

    Continue Reading...
  • 07 Apr 2015

    A core reason why security challenges go unresolved

    Constantly dealing with information security issues in your organization? It's really about dealing with management, peers, and subordinates. Here's some motivation:"The ability to deal with people is as purchasable a commodity as sugar of coffee, and I will pay more for that ability than for any other under the sun." -John D. Rockefeller If you're in search of other ideas on how to get (and keep) people on board with ...

    Continue Reading...
  • 10 Jun 2014

    Pitching your ideas in IT

    If you work in IT, your communication and selling skills are more important than anything you can ever do technically. This includes "pitching" your ideas to your audience - typically management and users. As a speaker, I often struggle with new approaches for pitching my ideas.Here's a good Success.com Q&A with Shark Tank's Daymond John to help remind us of what people are looking for. I especially like where Daymond ...

    Continue Reading...
  • 12 Nov 2013

    Low information users and the challenges they create

    Thanks to the political elite and the dumb masses they inspire, you've probably heard the term low information voter…In a nutshell, this term refers to people making a critical decision without knowing all the facts.  As Winston Churchill once said “The best case against Democracy is a five minute conversation with the average voter.” Interestingly, this concept and quote make me think of information security and why we need to ...

    Continue Reading...
  • 16 Jul 2013

    Never forget this

    Although we strive to get others on our side, here's a good reminder from the late Richard Carlson that applies to IT and information security that we should always keep in mind:"The sooner we accept the inevitable dilemma of not being able to win the approval of everyone we meet, the easier our lives will become". Speaking of building your confidence and independence, here are some new articles I've written ...

    Continue Reading...
  • 14 Jan 2013

    How are you getting your points across?

    Here's a great point to remember regarding information security:"A mediocre person tells. A good person explains. A superior person demonstrates. A great person inspires others to see for themselves." -Harvey Mackay...

    Continue Reading...
  • 21 Dec 2012

    IT security careers, committees, and corruption

    Here are some new pieces I've written on IT and security leadership (or lack thereof). Enjoy!What to do when the CIO gets in the way of enterprise IT securityHow to form a functional enterprise IT security committeeUnderstanding management gets your IT department what it needsFive Concepts for IT Security SuccessAs always, check out principlelogic.com/resources for links to all of my information security whitepapers, podcasts, webcasts, books, and more....

    Continue Reading...
  • 19 Jun 2012