An Open Letter from InfoSec to the Company:
Greetings and salutations!
I’m an information security professional. You don’t know me very well, but I live in your midst and I was put on this earth to help keep you safe. When I do my job well, you never know that I’m there. You only seem to acknowledge me when there is a problem, and then you’re either hiding it or panicking and yelling at me to fix something. I’m no trained monkey, dagnabbit! Look, I’m happy to help. I’m a giver. But I deserve your respect.
Do you even realize that 99% of the time I’m setting up systems and processes that keep the viruses, deviants, and ne’er-do-wells at bay? You have no idea what kind of nasty little schemes are out there. You just keep sipping down your lattes and crunching your numbers and making products and marketing and selling things and keeping those customers happy and making us a fine respectable company. Sure, that’s all well and good. But I’m the guardian of the friggin’ galaxy! I’m the invisible hand that smacks the poison darts out of the way and provides the antidote when you’ve been bitten by the serpent (I didn’t actually see the movie). I may have a spot on my tie, and it may be a bow tie, and I may not be up to date on the latest fashion, and… uh… I forget where was I going with this. It doesn’t matter! I’m just asking for a little acknowledgement, okay?
It would be helpful if you did not click on every little questionable link that comes your way promising the latest gizmo. And please don’t post your password on a sticky note on your computer. Try to take a second to look at the URL of that urgent message to see if it’s got spelling errors. Can you please not email that document to your home computer! Don’t plug in that strange flashdrive! Okay, I’m getting worked up again.
I’ll tell you what. I’ll try to be more interesting and engaging with my trainings and keep them as short as possible. I’ll try to build processes and defenses that make your life easier and not harder. I’ll try not to instinctively yell “NO!” whenever you call my name. I’ll try to smile pleasantly and provide helpful responses when you ask me about workarounds, or when you ask basic questions that an executive at your level (as well as a third grader) should know. But can you meet me halfway? Please? I love working here and quietly, passionately, and vigilantly protecting the kingdom.
Your Information Security Team
P.s. Can I have a raise?
Entertain to Engage. For more fun approaches to information security awareness, visit: http://learningsentertainments.com/suites/info-security/
Copyright 2017 Learnings & Entertainments. All Rights Reserved.