close

What Is Truth to Power?

[+/-] A research and advisory resource...
dedicated to bridging the gaps between governance and practice, technology and business, regulation and control, risk management and real market pressures, and your own knowledge and the knowledge of your peers.
[+/-] An open forum and community...
built to create a common pool of knowledge—one big brain—that lets you work more efficiently, build technology and business practices more effectively, and endure audits more effortlessly.
[+/-] A plexus nexus...
a neutral hub through which you can reach many valuable information nodes, resource collections, and organizations that are helping people like you already, but in fractured ways.
[+/-] A rebellion...
against the idea that auditors, analysts, and consultancies can control information simply through their ability to collect and distill it. T2P's goal is to unlock the vast body of knowledge, insight, and conventional wisdom that we all have, make it freely available to you, and help you digest and interpret it—without undue cost, bias, or hype.
Top Panel
WHAT IS T2P?
Top Panel

Expert Core: Practical Security

Ben Tomhave, T2P Expert Core GuideCore Guide Benjamin Tomhave lends his expertise to the practical application and implementation of security principles—how security really works, why controls fail and how to fix them, and what businesses can learn from security incidents that make news headlines.
[ More about Benjamin... ]
Cut Through the Noise, Focus, Find Success Print E-mail

I was recently out camping in a rather busy campground. Nearby was a group of teenage girls, wrangled by mothers who overall lacked the necessary training in crisis management to keep a lid on the brood. At the same time, I was working on a deadline to get a couple pieces written, and I have to say, the challenge was immense. The noise generated by the group of 12 or so girls seemed ebb and flow at rates rivaled only by large crowds at major sporting or entertainment events.

In many ways, this is the focus we face in information security. We are constantly surrounded by noise. Different people in varying parts of the organization are clamoring for attention, or battling with each other, or just generating a lot of background noise, and yet we're expected to buckle down and achieve our objectives. My favorite whipping boy, the PCI DSS, is an excellent example of a large noise potential, providing plenty of salient details, but also generating so much volume that it can drown out your hopes and dreams.

 
Read more...
 
More Articles...

Related Templates (T2P Wikis)

...And many more. There are more than 20 templates related to this Core's topic.

View All Policy, Procedure, and Statement Templates

Recommended Resources

This section will contain a linked list of resources related to your core topic. You can add to and modify the list whenever you like. Resource types might include:

  • Standards and Frameworks
  • Communities and Forums
  • Associations and Organizations
  • General Reference Web Sites
  • White Papers
  • Magazines and Publications
  • ...and others...