One of the elements of being successful in security is asking the right questions – and not being afraid to do so. As information security professionals we can, and should, question the funding of security projects, management being on board with the business risks at hand, and so on.
I recently came across two great quotes regarding questioning. First, Anthony Robbins said “Quality questions create a quality life. Successful people ask better questions, and as a result, they get better answers.” Second, Albert Einstein said “The important thing is to not stop questioning.”
We don’t have to be pests and we certainly need to be careful and not do more harm than good when getting people on our side. But if you approach your security initiatives with enough finesse and confidence and show how you’re concerned about the business your questioning might be just what the doctor ordered.
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”