Security culture is everything. If you work in security, you probably already know that…For business executives, though…well, that mindset is largely absent. In fact, as this new CNN piece I’m quoted in about Omarosa secretly recording her firing in the most “secure” room of the White House highlights, talk is cheap. IT and corporate security professionals can evangelize the importance of security – especially security culture – all day long, every day of the year…but as soon as an executive decides that he or she is going to do things his or her way, that basically negates all security efforts to that point.
This begs the question – what good are we really doing in IT and security when single bad/blind decision by someone in charge is all it takes to bring things down??
Of course, policies usually mean nothing. Security is more than that…including (and especially) culture. Hey, based on this White House story, at least these things are not just happening in the context of IT and corporate security…it’s clearly happening at the highest levels of global leadership and politics as well. Seeing this – and everything else related to security, tell me politics doesn’t drive most things…Sadly, many people steer clear of politics but as Greek statesman Pericles once said, just because you do not take an interest in politics doesn’t mean politics won’t take an interest in you.
Quoting the CNN story:
“Trump uses a nonsecure phone for communications, claiming it is too “inconvenient” to adhere to rules. He gets important briefings outside of secure facilities. At best, he doesn’t take security seriously; at worst, he doesn’t appear to care.”
How many times have we seen/heard this!!
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”