Introduction

A common view of the Information Security function is that it is all about encryption and firewalls. We are perceived as the group that is always telling the business what they can’t do and is constantly screaming about the vulnerabilities that will bring the organization to the state of ruin. This perception has really hurt the profession over the years, but the good news is that this image of security is beginning to change for the better. It is all too easy to fall into the trap of being constantly at odds with the business, but ...