Posts RSS
Subscribe via Email
Top Ten Announcement/Press Release Now Up
Posted June 29th, 2007 by rybolov
Posted in ISM-Community, Odds-n-Sods | 
1 Comment »
Making Press Releases
Posted June 28th, 2007 by rybolov
I spent last night writing a press release for ISM-Community Top Ten. Press of the world, be warned, you will be hearing from me soon.
Anyway, lessons learned from writing a press release:
- Geeks hate hyperbole
- Security geeks hate hyperbole even more
- There is a big need for marketing people to learn how to talk “security dweeb” and there is a need for security managers to learn how to talk to “marketing dweebs”
- Have a stock supply of quotes from people associated with the project to put wherever you see fit–collecting them at the last minute is hard to do
- Don’t ever volunteer again =)
Seriously, though, it’s good skills to learn, even if you think you’ll never need them again.
Posted in ISM-Community, Odds-n-Sods | 2 Comments »
Wednesday Zombie Post–Fido
Posted June 27th, 2007 by rybolov
Highly loveable movie about zombies as pets and assistants. Until their collar stops working, thus proving my theory that zombies just want to eat your brains!
Trailer here at Daily Motion. I wouldn’t recognize Carrie Ann Moss if I didn’t read the credits. =)
Now, to tie this back into security, Fido is a classic example of what happens when you depend upon a security architecture based on one control when it becomes a single point of failure. Then it’s time for the shovel.
Posted in Zombies | 1 Comment »
Open Letter to New Security Manager
Posted June 27th, 2007 by rybolov
Let me be one of the first to congratulate you. Whether your title is CISO, ISSO, Manager, or Consultant, being a security manager is an accomplishment.
Now for the bad news: You need to go into the job knowing that you will always be short on people, time, and money. Good people are hard to come by, and as soon as you get them trained up, they’ll change jobs because they outgrew what you hired them to do. Time is critical because effective security requires cooperation with all the other business disciplines which takes time and effort. Security is seen as a cost center, so any good business will try to limit security spending in order to maximize their profit.
My friends at ISM-Community have developed an Information Security Management Top 10 document with some very solid practical advice for how to survive in today’s security environment. Think of it as a list of meta-themes that all successful security managers and programs have in common.
The ISM Top 10 doesn’t solve all of your people, time, and money problems, but it can help you to recognize trends and set a long-term strategy to winning.
Posted in ISM-Community, Risk Management, What Works | 2 Comments »