We’ve been reflecting on our core values as a company quite heavily in the last few months. They’re what make FRSecure, FRSecure, and provide our employees with a framework for how we treat our customers and each other. For that reason (and more) it’s incredibly important to us that we teach each other what the values mean to us as a company, that we hold each other accountable on fulfilling our values, and that we practice those values every day.
Our first core value is that we tell the truth. We’re in a business where sometimes the truth hurts. It’s not fun to hear that you’re not doing everything you could be doing in order to prevent and handle breaches. As security consultants though, we sometimes need to tell you the things you don’t want to hear because it’s the only way to really make a difference in how you’re protecting your customers, employees, and their data.
There’s a lot of noise in the InfoSec industry, and it’s challenging sometimes to determine what’s the truth and what isn’t. Sometimes that leaves us to do our own interpretation based on our experiences. So that’s what I’ve done. I took to Twitter at the beginning of April, and have been posting one InfoSec truth every day until I get to 100 truths. These are things I’ve seen and witnessed in my career that I know to be true through those experiences.
Day Ten – If you’re responsible for information security and you don’t know what the dirty work is, you might want to start over.— Evan Francen (@evanfrancen) April 17, 2019
Although it’s not always easy, hearing the truth about InfoSec can make a difference in your business and how your data is protected. Being aware of the latest InfoSec threats can help you and your organization be prepared. It’s only a matter of when you’ll be breached, and security awareness and training is important when preparing for and handling a breach. For more InfoSec truths and ways to protect your organization, visit frsecure.com.