Let us have a VERY frank conversation…
Information Security is at a painful point in its development. It has failed to deliver on many of its promises. It has held itself up as the savior to businesses and has spectacularly failed to deliver. The industry is rife with misinformation, marketing hype and false promises, how DO we navigate through this, what and how do we see the woods for the trees AND how (as an industry) do we regain trust from those charges we have so far failed to protect?
This is going to be a series of blunt statements, followed by some home truths on what AND how we have to fix our industry. How we leave security behind and talk risk, how we collaborate AND change our approach and language when dealing with businesses AND how we change the symmetry and focus from one of attack to asymmetric defense. What and how we do that will be discussed.
