flattened posts folder
This commit is contained in:
parent
831590bc72
commit
103e506117
19 changed files with 0 additions and 0 deletions
|
|
@ -0,0 +1,57 @@
|
|||
---
|
||||
title: "IT is not going to fix your security problem"
|
||||
language: en
|
||||
|
||||
proposition: advisory
|
||||
|
||||
series-id: s01
|
||||
series-title: "Security as an organisational challenge"
|
||||
series-part: 1
|
||||
|
||||
audience:
|
||||
- leadership
|
||||
|
||||
channels:
|
||||
- linkedin
|
||||
linkedin-account: personal
|
||||
|
||||
content-type:
|
||||
- post
|
||||
|
||||
status: published
|
||||
|
||||
publish-dates:
|
||||
linkedin: 2026-05-13T17:30:00Z
|
||||
|
||||
published-urls:
|
||||
linkedin: "https://www.linkedin.com/posts/richardkranendonk_managingsecurity-activity-7460380869439016960-G-7x"
|
||||
|
||||
notetype: publication
|
||||
isotags: []
|
||||
tags: []
|
||||
---
|
||||
|
||||
`Posted on 13 May 2026 19:30 CEST to LinkedIn personal stream`
|
||||
# IT is not going to fix your security problem
|
||||
|
||||
IT is not going to fix your security.
|
||||
|
||||
Not because they don't want to. Not because they lack technical skills. But because essential parts of information security are out of scope for the IT department.
|
||||
|
||||
Here's what I see in practice:.
|
||||
- A website developer temporarily shares admin rights with an external consultant to troubleshoot an integration.
|
||||
- The account of the maintenance engineer that left the company last year is still being used.
|
||||
- A sales agent in Brazil gets full access to the company's CRM, despite operating under a different legal framework.
|
||||
|
||||
Examples of non-trivial information security risks arising in day-to-day operations. They cannot be fixed by technical solutions. Why? Because they're management issues, not IT problems.
|
||||
|
||||
Still, for most business initiatives the responsibility for information security is dumped on IT after the fact – like asking a constructor to oversee a renovation, while you're tearing down a load-bearing wall.
|
||||
|
||||
Information won't be secure until senior senior leadership starts managing risks, by asking the right questions before decisions are made.
|
||||
|
||||
Which questions are not being asked in your organization?
|
||||
|
||||
|
||||
— Security as an organizational challenge — post 1/3
|
||||
|
||||
**#managingsecurity**
|
||||
Loading…
Add table
Add a link
Reference in a new issue