IT Pros Not Betting on Their Own Security Measures

A recent report holds that only about half of Info Tech professionals are willing to bet on their network security.

Article Here

That is not encouraging.

My version:

“Dear IT Professional, We are paying you to ensure that our network is secure. We believe in you. We understand that the bad guys are good at being bad.  We also know that you need resources.  We promise to provide you with what you need. We expect that you are up to the task. If you are not, please let us know now so we can find someone who is. Such an approach is best for everyone.”

I also think that unannounced security audits should be performed by the leadership of a company.  Hiring a third party to try to hack your system seems to me to be a reasonable approach to test your defenses.