Teh business, does it exist ..?

On purpose, teh. Plus a spoiler: No.

Though this is a tell-tale sign your infosec program, of whatever kind, will #fail, wholesale.
’cause If you can’t specify all stakeholders, at their various levels of detail required, beyond swiping them up under the ‘the business’ nomen, Then you might as well call it ‘teh’ business, as you are vague to the point of irrelevance, as you will be regarded by ‘the business’ and since that’s where 99.9% of your security sits (including budget holders…), fugeddabout effectiveness.
Endif. No Else.

So, stop using ‘the business’ as a stopgap designation for your lack of understanding of the infosec problems that you claimed you could tackle hence you demonstrate to know no thing about the swamp of root causes to the problems that you said to go solve.
You n00b.

Oh well…:
dscn1150
[Some specific business; Madrid]

Advertisements

About maverisk

Maverisk Consultancy, IS Audit and Advisory services: Wikinomics meets governance and audit; otherwise, see my personal LinkedIn profile
This entry was posted in ERM, GRC, Information Risk Management, Information Security, Innovation (technologicallly driven) and tagged , , , , , , , , . Bookmark the permalink.

Your comments are welcomed!

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s