I have been following Shoaib’s blog for quite a while – actually, due to the beauty of the Internet, we have only met virtually so far :-)

He just posted on his blog: 5 Common Types of Security Professionals

I really like this post. The way he categorizes them is:

  • The NO-MASTER
  • The By-The-Book Preacher
  • The Dinosaur
  • The Technology-Solves-It-All
  • The paranoid

The reason why I like it so much is that I am deeply convinced that security can only be successful if it is aligned to business needs and not necessarily to policies and to fear. So, thinking about where security can become a business enabler would often be worthwhile. Additionally, we probably should think about our risks as well. It might well be that we think that the world might end if a certain risk materializes, but it might not even make it into the Top-100 risks of your company…

So, maybe we should change our approach or at least be honest and look at which of the 5 buckets we fit into…

Thanks Shoaib

Roger