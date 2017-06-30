Gartner: Security Without Security People: A [Sad] Way Forward?
This post is a convergence of a few things: our recent foray into more basic security areas (such as from threat hunting to vulnerability management), my experiences at a recent Security Summit and of course recent ransomware-like incidents (from WannaCry to Petya).
So, we analysts lots of do 1on1s at Gartner Events, these are essentially in-person client inquiry. It so happened that I took a decent number of 1on1s with organizations (some large!) that just hired their first security professional (likely a manager, but sometimes a technologist) or that had no full time security people at all (so Director of I&O or even a CIO was talking to me). Many of these organizations were definitely not SMBs! The epiphany that resulted from this is as follows: a lot, A LOT of perfectly great security advice is 100% useless for those guys.
Read the entire article here, Security Without Security People: A [Sad] Way Forward?
via the fine folks at Gartner
