Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Why's it so hard to say yes? - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Why's it so hard to say yes?
Quoting ZDNet: The average security team has a reputation of saying "no" to everything. This could come down to two things - training and leadership.
ZDNet
The best way to manage perception on this issue is to allow the business to understand the risk of saying 'yes'. If they accept the risks because the business can afford the consequences, then often a "yes" is applicable with some conditions or at a minimum a declaration that risks are acknowledged and accepted. Kevin Shortt

81 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!