Accidental CISOSep 28, 2023

I don't usually recommend reading the comments on reddit, but I think we as security practitioners should read the comments on this thread and reflect on how we can do a better job of collaborating, communicating, and delivering value.

https://www.reddit.com/r/sysadmin/comments/16uqyi1/does_your_security_team_not_want_to_be/

Does your security team not want to be responsible or own ANYTHING?

Password policy? No we don’t own that. Configuration hardening standards? Nope don’t own that. Vulnerability response process? Not us....

reddit
Show threadRich Smith "" (Ace Tomato Company)
@accidentalciso I advocate that we are the fire department of the company. I also need to mandate watching Backdraft for my younger coworkers. "You go, we go" scene is key. One team, one fight. Our team is the greater company.
Sep 29, 2023 at 12:36amWeb