A question of trust
by Brian Honan - CEO BH Consulting - Wednesday, 24 July 2013.
Building trust into relationships takes time and effort. It requires constant communication between both parties to ensure they understand each other’s viewpoints and positions, as well as honest engagement from each party when it comes to outlining their expectations from the relationship. Needless to say, trust is built by delivering on what is promised.

We need to be better at engaging with those outside of security, both technical and non-technical. We need to improve our understanding of their requirements and our ability to demonstrate what is required in order to do business securely. We need to accept and realize that security is not a technical issue but a business one. As such, we should realize that it is the business that decides what to do based on the trusted advice it gets from us.

When I make the above argument I often get the response “Why should we have to understand the business? The business should make more efforts in understanding our requirements”. If we take this approach, we rely on the other party to take the initiative to open the dialogue to start building that trust. If they don’t, security will always be our responsibility and likewise all security breaches and failures will be ours, too.

Building a strong relationship based on trust is a long journey. Someone has to take the first step so others can follow. Let’s reach out to the business, and try to better understand what they are trying to achieve and learn how best to be a trusted advisor.

Brian Honan is an independent security consultant based in Dublin, Ireland, and is the founder and head of IRISSCERT, Ireland's first CERT. He is a Special Advisor to the Europol Cybercrime Centre, an adjunct lecturer on Information Security in University College Dublin, and he sits on the Technical Advisory Board for a number of innovative information security companies. He has addressed a number of major conferences, he wrote the book ISO 27001 in a Windows Environment and co-author of The Cloud Security Rules. He regularly contributes to a number of industry recognized publications and serves as the European Editor for the SANS Institute's weekly SANS NewsBites.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th