risk management, business management security, security awareness
You are not logged in. Access is limited. Login or see membership information. • Streetwise Security Zone

JOIN NOW and get your Free One-Year Membership

Site Search:

Featured Blogs / Podcasts / Articles »

Site Meter

1aScottHeadJPG

Click on the PLAY button to learn why you should be measuring your staff's security awareness (without invading their privacy), and how to conduct your own free Honey Stick Security Awareness Measurement test.

If you're ready to start your own FREE Honey Stick test, just click HERE to get your free one year membership in The Streetwise Security Zone.


"Governance by Graffiti"
Simplified Security Resources Driven by a Concerned Community


The Streetwise Security Zone is a gathering place where you come to change the status quo for how information security is done  in your organization, and in your industry.

Whether you're an executive, an IT manager, a security professional, or an individual just trying to do your job, here's the Streetwise Security Awareness process we use to spread security awareness:

  1. Be prepared to defend and recover from incidents;
  2. Know your trusted connections and sources;
  3. Know your personal context for information you rely on;
  4. Control how you share information; and
  5. Collaborate to help others and improve efficiency

Why do we want a change? Because the field of information security is too big for any one person, or even a team of people, to master. If you are tired of being led down rat-holes by people who claim to know security, only to find out that what they are proposing is not workable in your business environment, you understand why we need a change.

We need to start looking at security from the business objectives first, and management must become involved at some point - preferably at the beginning.

For security, as for many other aspects of business, we depend on empowering our teams (as defined by Michael Santarcangelo II) to:

   1. Do the right things
   2. At the right times
   3. For the right reasons
   4. When nobody is looking

But even if your management isn't on side, that doesn't mean you can't make a difference. You'll be surprised at what you can learn, and what you can contribute.

If you don't think you'll be able to contribute, that's OK. Everyone is welcome, but even if you don't join we encourage you to invite at least one other person who might be a good contributor. Whether they are business owners, mid-level managers or concerned staff who just want to get their job done, we want to hear their stories about information security in their organization.

We depend on the contributions of members. We don't need a huge community to be successful, but we do need quality contributions and engaged members to have a chance of changing the status quo.

Featured Articles / Podcasts

article linkHow to deal with weaknesses in Anti-Virus solutions (ScottWright)
posted Sun January 4th @ 10:30 PM

As most of us know, no Anti-Virus solutions catch 100% of the threats they face. Some don't even come close. I've heard that it can be a good strategy to use more than one anti-virus product. However, in my recent experience, it's hard to find any that will coexist on a system. Most of them usually want you to uninstall any other Anti-Virus solution before they will install themselves.
Read More »

article linkKnuckles for Pluto! (ScottWright)
posted Tue December 30th @ 9:43 AM

As you know, I enjoy listening to the Security Now podcast with Leo Laporte and Steve Gibson. They usually talk about some pretty technical concepts, but they do have some intereseting news stories that are worth commenting on. This is from Security Now episode #165 (click HERE for the episode transcript and search on the word "knuckle").
Read More »

article linkScott Wright's year end reality check for 2008 (ScottWright)
posted Tue December 30th @ 8:15 AM

I started blogging about security back in January, 2007. So, it's coming up on 2 years that I have been putting my thoughts on managing information security down in writing. It doesn't seem like that long ago. Read More »

article linkContext is King when there's too much security information available (ScottWright)
posted Mon December 22nd @ 10:57 PM

As Chris Anderson says in his book, The Long Tail, “Context is King” in a world where there is way more information than you have time to sift through. Read More »

contains audio content article linkSWSZP Episode 2 - December 20, 2008 - Governance by Graffiti (ScottWright)
posted Sat December 20th @ 8:15 AM

In the audio podcast that goes with this post, I cover a lot of content that illustrates the interesting and important security issues that you should be staying in tune with.  I hope you'll find good value in it.  So, I'd appreciate any feedback you have on the audio content, structure or length. (To download the entire audio file now to your computer, instead of listening from this page, click the "down-arrow" in the audio control bar above.)
Read More »

article linkCandidate for the Streetwise Security Gaff of the Year Award ? (ScottWright)
posted Mon December 15th @ 7:22 PM

Well, it seems like you can always count on politicians for a good demonstration on how not to handle technology responsibly - and I guess we shouldn't be surprised to hear that McCain and Palin would offer something in their own particular... idiom. Read More »

article linkThe perfect gift mug for Security Geeks - let them know you wouldn't want to be them (ScottWright)
posted Fri November 14th @ 6:59 AM

It's OK to be human, or even cynical about security for a moment, if you take advantage of the opportunity to engage people about the information they handle in their jobs, and how important it is to the organization. Read More »

Start getting your FREE Security Tips Newsletter now!
What value do you get? - Click HERE.
Concerned about privacy? Click HERE

Name:
E-mail:

Digest: showing activity in non-member only areas for the last 1 days

Customize your digest options

Streetwise Security News
Tue, 30 Dec 2008 14:46:38 GMT

I'm sorry sir, but that's our (security) policy
(Wed, 19 Nov 2008 14:14:17 GMT)

Originally posted - February 20, 2007 Read More » Scott WrightThe Streetwise Security Coachhttp://www.streetwise-sec... 1-613-693-0997Email: scott@streetwise-security-zone... ID: http://www.twitter.com/streets... http://www.linkedin.com/in/sco...

» view / add comments


Realtime Community | IT Compliance

Business Info Fact Of The Day: Employees In Most Organizations Are Twittering
(Tue, 06 Jan 2009 20:27:20 -0500)

There were over 1.2 million Twitter users in December and the numbers of users are growing exponentially.

» view / add comments


Scott Wright's Security Views
Tue, 23 Dec 2008 04:00:03 +0000

Context is King when there’s too much security information available
(Tue, 23 Dec 2008 03:45:08 +0000)

As Chris Anderson says in his book, The Long Tail, “Context is King” in a world where there is way more information than you have time to sift through.People desperately need help in sorting out what security information is relevant to them. Which vendors and technologies to trust, which browsers to use, which updates are [...]

» view / add comments


The Security Catalyst
Sat, 20 Dec 2008 16:20:30 +0000

In Defense of Breach Notification Laws (sort of)
(Thu, 18 Dec 2008 04:25:08 +0000)

Starting with California’s 2003 law,1 all but a hand full of states have now enacted breach notification laws (BNLs). Though each is subtly different, all notification laws recognize that a if your identity, or Data Self, is treated as mere chattel, it is subject to fraud and abuse. These laws require data stewards [...]

» view / add comments




Copyright 2008. The Streetwise Security Zone - Governance by Graffiti (tm)