
Bolting on security does not work
In my travels I have found it matters more how you do IT securely than how you ‘do security’. What I mean by this is, the prevailing themes of orgs recently is to bolt on SOCs/MDR and other services to a low maturity/low capability IT organisations with the hope that its magic’s all the security problems away. This sounds lovely, the salespeople will almost certainly productise your security improvement journey and make it sound like a dream.
Read more “Bolting on security does not work”