The Forrester security team breaks a number of security myths.
A recent comment sent Twitter on information security (Infosec), blaming cybersecurity industry best practices for recently disclosed security breaches. For the Forrester security team, the comment promoted a number of security myths that we had to break here.
Myth # 1: The best Infosec professionals have never had a security incident
A quick count on the Forrester Security and Risk (S&R) team found that if security teams only hired people who had never worked for a company that had a security incident, most of us would no longer be employable.
Violations are learning opportunities for businesses, practitioners, and the industry as a whole. Gaps in visibility, procedural errors, bad …