Enterprise Security organizations often find themselves caught between the ever-changing needs of the agile business, and the ever-present, ever-evolving threats to that business. At the same time – all too often we security professionals get caught up in “shiny object syndrome” which leads us to spend poorly, allocate resources unwisely, and generally de-couple from the organization we’re chartered to defend. Knowing how to defend begins with knowing what you’ll be defending, why it is worth defending, and who you’ll be defending from… and therein lies the trick. This blog takes the issue of enterprise security head-on, challenging outdated thinking and bringing a pragmatic, business-aligned, beyond the tools perspective … so follow the Wh1t3 Rabbit and remember that tools alone don’t solve problems, strategic thinkers are the key.
Rafal (Principal, Strategic Security Services)
There has been a good deal of griping lately about what "us security people" are calling the "dumbing down" of products in whatever product space. By this of course I mean products that seemingly drop advanced featrues to make themselves "easy to use" by the general end-user.
While almost every single product's marketing page has "Ease of Use" as one of the checkbox features, it's rare that this actually manifests itself in the real products. The end result of difficult to use security products is clear - security breaches are rampant. You don't have to take my word for it, do a search.