computerwoche.de

Archiv

Why security pros fail (and what to do about it)

06.12.2010
You've probably heard the phrase, "Failure is the key to success." But are security professionals really learning from their mistakes? As identity theft and online risks keep growing, is our industry rising to the challenge or repeating the miscues of the past? While security technology is improving, the bad guys also have access to better tools. So are the good guys working smarter?

Conventional wisdom says we need more staff training and technical security certifications. Others say higher salaries, a better understanding of the bad guys, more executive leadership training or more top-level executive buy-in are needed. While all of these help, I've seen security staffs with all of the above fail.

Also see

As I've traveled the world, I've identified some common traps that cause security pros to fail. What works and what doesn't in achieving the best security results? If you call yourself a security professional, here are seven lessons you need to learn. I originally examined these lessons in a series of posts on my CSOonline.com blog, where you can on each problem and solution.

Problem #1: Security Is Thought of as a Disabler

Security professionals are often viewed as the party poopers. This threatens the credibility of every security consultant. Are you bringing problems or offering solutions? Are you viewed negatively by the business?