I am following Shoaib’s blog since quite a while – actually due to the beauty of the Internet, we only met virtually so far .
He just posted on his blog: 5 Common Types of Security Professionals
I really like this post. The way he categorizes them is:
The reason, why I like it so much is that I am deeply convinced that security can only be successful if it is aligned to business needs and not necessarily to policies and to fear. So, thinking about where security can become a business enabler would often be worthwhile. Additionally, we probably should think about our risks as well. It might well be that the we think that the world might end if a certain risk materializes but it might not even make it in the Top-100 risks of your company…
So, maybe we should change our approach or at least be honest and look in which of the 5 buckets we fit…