Edited posts, renamed file

Richard Kranendonk 2026-05-18 10:25:18 +02:00
parent 96cd8fea7b
commit d63e8988e9
4 changed files with 20 additions and 4 deletions

@ -1,7 +1,7 @@
`Posted on 15 May 2026 19:30 CEST to LinkedIn personal stream` `Posted on 15 May 2026 19:30 CEST to LinkedIn personal stream`
# Security isn't an IT problem, it's a management issue. # Security isn't an IT problem, it's a management issue.
That was the core of the previous two posts. The question remains: how do you embed that in your organization? That was the core of the previous two posts. The question remains: how to embed security in your organization?
Individual measures help, but in an organization that keeps moving, they quickly fall short. People leave, ways of working change, new tools are introduced, laws and regulations evolve. Individual measures help, but in an organization that keeps moving, they quickly fall short. People leave, ways of working change, new tools are introduced, laws and regulations evolve.
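Review bot: The reworded question on the third line of this hunk, "how to embed security in your organization?", is no longer a complete question, and it drifts from the Dutch counterpart, which keeps the direct form "hoe borg je security in je organisatie?". Suggest "how do you embed security in your organization?", which keeps the explicit noun this change introduces.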
@ -15,4 +15,4 @@ I'd be curious to hear how that's arranged in your organization. Feel free to se
— Security as an organizational challenge — 3/3 — Security as an organizational challenge — 3/3
\#managingsecurity \#iso27001 \#managingsecurity \#iso27001 \#resilience

@ -1,7 +1,7 @@
`posted on 19 May 2026 10:00 CEST to LinkedIn personal stream` `posted on 19 May 2026 10:00 CEST to LinkedIn personal stream`
# Security is geen IT-probleem, maar een managementvraagstuk. # Security is geen IT-probleem, maar een managementvraagstuk.
Dat was de kern van de vorige twee posts. De vraag die overblijft: hoe borg je dat in je organisatie? Dat was de kern van de vorige twee posts. De vraag blijft: hoe borg je security in je organisatie?
Losse maatregelen helpen, maar in een organisatie die blijft bewegen, schieten ze al snel tekort. Mensen vertrekken, werkwijzen veranderen, nieuwe tools worden geïntroduceerd, wet- en regelgeving verandert. Losse maatregelen helpen, maar in een organisatie die blijft bewegen, schieten ze al snel tekort. Mensen vertrekken, werkwijzen veranderen, nieuwe tools worden geïntroduceerd, wet- en regelgeving verandert.
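Review bot: The header line reads "posted on 19 May 2026 10:00 CEST", which is later than this commit's own timestamp (2026-05-18 10:25:18 +02:00), so at commit time the post cannot have gone out yet. Suggest marking it as scheduled until it is published. The lowercase "posted" also differs from "Posted" in the other two files.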
@ -15,4 +15,4 @@ Ik ben benieuwd hoe dat in jouw organisatie geregeld is. Stuur me gerust een ber
— Security als managementvraagstuk — 3/3 — Security als managementvraagstuk — 3/3
\#managingsecurity \#iso27001 \#managingsecurity \#iso27001 \#cyberweerbaarheid

@ -0,0 +1,16 @@
`Posted on XX May 2026 19:XX CEST to LinkedIn personal stream`
Good intentions don't scale.
Information security often hinges on that one IT administrator who always asks a control question before committing a change. The power user that .... etc. And that's great — until they leave, change roles, or get overloaded.
You don't need more 'awareness' in your organization. You need a process that keeps working, even when people change, tools change, and regulations change. A process that makes risks visible, assigns ownership, and allows for correction before things go wrong.
This is where a security management framework like ISO 27001 can help. If you want, first strip it of all the extra bagage you don't need — but preserve it's core: risk management, ownership, continuous improvement. Keep documentation at a bare minimum. Let people experience the value it brings, the sense of knowing you've secured the process, see what resilience looks like. You can always build it up to a certifiable ISMS. Or not.
The real question isn't whether the crew around the table is taking security seriously at the moment. It's whether your organization is still taking it seriously six months from now, when today's decisions are forgotten and the people who made them have moved on. That's resilience.
How is continuity arranged in your organization? I'm curious — feel free to send me a message.
— Security as a management responsibility — 3/3
\#managingsecurity \#iso27001
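Review bot: This new file is still a draft in places: the header carries placeholders ("XX May 2026 19:XX") and the second paragraph trails off at "The power user that .... etc.", so both need finishing before the text is posted. In the ISO 27001 paragraph, "bagage" should be "baggage" and "preserve it's core" should be "preserve its core". The closing label "3/3" duplicates the "3/3" of the existing "Security as an organizational challenge" post under a different series name, and the hashtag line lacks the \#resilience tag that this commit adds to that post.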