1600 words, 8 minutes. You’ve suffered a breach. Your security was circumvented. Data was lost and the public, shareholders, media, and perhaps regulator must soon be informed. A chain of events has begun. What you do next will determine in large part where that chain leads. In this post I’m going to talk about a tactic I’ve seen used to successfully re-frame a bad situation and nudge the narrative in your favour. »
550 words, 2 minutes. Final Remarks “All men can see the tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved” - Sun Tzu. This is the 6th and final post in a short series on winning systems for security practitioners. The first postfeels like a while ago already, about 6000 words or 25 minutes. Those minutes haven’t been wasted. The Inevitable Car Analogy If you’ve come this far then you’ve already completed one whole lap around the circuit of winning systems. »
1450 words, 5 1/2 minutes. Resilience “In defeat: Defiance” - Winston S. Churchill. This is part 5 of 6 in a short series of posts on winning systems for Information Security practitioners. It aims to plug the gap between policy and products and put you, the practitioner, back in the driving seat. After all if you don’t know what system you’re implementing, how can you decide what products or features are important to you? »
1200 words, 5 minutes. Robustness “The first virtue in a soldier is endurance of fatigue." - Napoleon Bonaparte. This is part 4 of 6 in a short series of posts on winning systems for Information Security practitioners. It aims to plug the gap between policy and products and put you, the practitioner, back in the driving seat. After all if you don’t know what system you’re implementing, how can you decide what products or features are important to you? »
1100 words, 4 1/2 minutes. Responsiveness “No battle plan ever survives contact with the enemy” - Helmuth von Moltke. This is part 3 of 6 in a short series of posts on winning systems for Information Security practitioners. It aims to plug the gap between policy and products and put you, the practitioner, back in the driving seat. After all if you don’t know what system you’re implementing, how can you possibly decide what products or features are important to you? »