Finding The Balance
Logical Cybersecurity is about building an effective information security program (or plan) around the idea of finding the right balance between security and convenience (i.e. operability). An organization’s or a person’s risk appetite and pain threshold will help drive the center point of balance, so that will vary in each and every case.
It’s probably best to think of information security in this way…
The more secure something is, the more inconvenient it will be (or harder to operate).
The more convenient (or easy) something is, the less secure it will be.
These sentiments are true no matter if we are talking about someone’s laptop, an organization’s network, a new mobile application, entering a government building or catching a flight at the airport.
Website Mission
The rate at which technology changes, internet connected devices are introduced to the market, vulnerabilities are discovered, and attackers find new ways to get around safeguards makes the daily grind for an information security (infosec) professional a very daunting task. It's easy for us to become overwhelmed and feel like we are fighting a losing battle. With that being said however, a lot of us in infosec actually find the daily grind to be very enjoyable. We love the constant challenges and ability to learn/research something new each day. Many of us also enjoy sharing what we have learned through successful, or unsuccessful, projects and experiences with others. If you truly care about infosec and making the field and everyone in it and around you better, it can lead to interesting life experiences and fun hobbies…which is how this site was born.
With this website, I hope to pass on what I have learned over the years to a wide audience. I’m hoping to help the non-technical, "every day user" wanting to learn more so they can strengthen their privacy and security to not only protect themselves, but their family, friends, and clients as well. I’m also hoping to help the professionals already in IT (infrastructure, service desk, developers, etc.), infosec engineers, compliance and risk management, human resources, etc. as well. Together we can learn and grow to better protect our data and assets. Hoping the recommendations (best practices), real world examples, successful or failed experiences discussed will be helpful.
I want to make this website enjoyable as well as informative, so if you have any ideas, requests, feedback, etc., please visit the "Contact Us" page and let me know what you like or don’t like. Constructive criticism and feedback can only help me make this a better website for everyone.