Learning Security with Mayur

What comes to your mind when you think of information security? If you watch a lot of movies, especially the ones involving the CIA, you would imagine a nerd in a basement trying to hack into the world’s most secure places with no life other than that. When it comes to the office, you imagine him to be a nerd ( again!! probably), sitting in one corner trying to protect your corporate infrastructure.  Information security only gets associated with technical stuff such as firewalls, passwords, encryption, and most importantly hacking. Look at most of the job descriptions, and they will always mention the same. A search on the “top skills a cybersecurity leader should have”, results in Simplilearn telling us about network security, cloud security, virtual machines, coding, etc.  These are important parameters but are just a small part of the skillset of information security professional. The MOST and I repeat, the MOST important skill a cybersecurity leader needs is the art of articulatio

  Consider you are a security expert employed by: 1) A big entertainment company, OR 2) Product Company, OR 3) Manufacturing company.  And you have been asked to create the security policy for the organization. How would you go about creating one? While the simplest way would be to Google examples of the security policy and copy, paste, and create one. If you have that in mind, you can skip reading this post. However, if you are looking to create a custom security policy that caters to your organization, you are in the right place. Before we start jumping on how to create a security policy, we must understand what is a policy. Wiki defines a policy as “A policy is a statement of intent and is implemented as a procedure or protocol.” Safeopedia explains it as “Policies are rules, principles, guidelines or frameworks that are adopted or designed by an organization to achieve long-term goals. Policies are formulated to direct and exert influence on all the major decisions to be mad