Debunking infosec purity and other security myths in the wake of recent attacks (May 2021)
The security team at Forrester busts a number of security myths.
Recently, an op-ed sent information security Twitter into a tizzy by blaming cybersecurity industry best practices for recent high-profile security breaches.
For the security team at Forrester, the op-ed furthered a number of security myths that we felt compelled to bust here.
A quick nose count among the Forrester security and risk team determined that if security teams only hired people who had never worked for a firm that had suffered a security incident, most of us would no longer be employable.
Those who lack an understanding of security may believe that zero-incident security is possible or that the perfect chief information security officer is the one who never had an incident.
This doesn't occur by a miracle, but by taking a methodical approach to: 1) set the tone from the top with your board; 2) build a human-centric security program; 3) build support, manage detractors, and navigate politics; 4) move outside the silos with security champions, whether they're developers helping you address application security issues or champions helping you rebrand; and 5) trumpet your progress and successes across the organization.