Inspired by Infopulse Security Experts
The biggest challenge of today is the exponential growth of both technology advancement and inherent threats. Forget the trivial truth that what you know today gets obsolete tomorrow. It may well be that your knowledge of today had already outdated yesterday. This is especially so in the information security world, where the pace of change is overwhelming.
Exchanging the newest knowledge between the Infopulse experts became a strategic approach to growing the company expertise. We get insights, new ideas, and perspectives enabling us to deliver better products and services created to the highest demands.
Continuous learning enables us to attain goals we would never dream of otherwise. We keep aspiring to make a difference, not just to make a living.
Building the Culture of Learners
Recently, Infopulse information security experts held an internal workshop about basic aspects of security compliance and risk management. It was intended for the attention of the Infopulse Standards Compliance Manager team: developers, designers, product managers, product support and marketers.
Do not get confused with the idea of “basic” as something primitive and generally old knowledge. Our digital landscape is changing so fast that any static knowledge soon becomes outdated. Basic aspects mean the most recent information security developments and discoveries presented in a concise and easy to comprehend form.
The idea of sharing security and compliance expertise with the SCM team meant to change the perspective of all contributors. Developers got a chance to look at the product from the user’s point of view. Marketers and sales managers received an understanding of the developers’ vision. Designers got their own insights from both developers’ and marketing positions.
Security Compliance and Risk Management
When the SCM project got started, security was the number one priority. The idea laid in its foundation was that the product created to strengthen and maintain the security of the information systems must be secure itself in the first place. This is the point why sharing security experts’ knowledge with all SCM team members was the top item of the agenda.
All participants of the SCM project gained from the workshop. Besides the basic dive-in into the world of compliance and risk management, they got insights about behind-the-scene drivers of the security industry, the key elements of security systems, and the main actors dwelling in the security domain. It was about the latest approaches, best practices and new challenges brought by the fast-changing security landscape.
The objective of the workshop was to cover six major areas:
- Security world landscape: standards, terminology
- Understanding of cause and effect relationships
- Compliance methodology & techniques
- Risks methodology & techniques
- Understanding the basic IT security personas
- Understanding the basic SCM-related Use Cases
The most exciting part of the workshop was the presentation of the SCM application through Security Compliance use cases. Waves of emotions, exhilarating team spirit, and brainstorming to resolve the real-world challenges – all that strengthened our feeling of being a part of something great.
What We Learned
Apart from getting familiar with security methodologies, compliance techniques, new customer approaches and tons of useful information, the participants expanded the vision of the product. It was about the different use models depending on the enterprise type and the security requirements. It was also about the different risk analysis approaches applied with regard to different users and to different objects.
The workshop presented the latest developments of Open Web Application Security Project – a worldwide community and organization focused on security education and improvement.
It was exciting to look at the familiar things like functionality, convenience at another angle switching our perspective from the user interface to use case scenarios. Modeling real-life situations got everybody jumping up and down with ideas.
We learned the newest trends, the challenges and the prospects for information security development.
SCM: the Now and the Future
The very important conclusion underlining the entire workshop agenda was the bilateral nature of the SCM product:
- SCM is created to ensure the security of your systems
- SCM is a secure product created with security at its core by design
The entire team got new ideas for the SCM further development in many aspects: functionality, new modules, UI/UX, and security.
We feel empowered with the emotion to belong to something great: the cool product, a young and extremely agile team, and the most up-to-date approaches to product development. It is a powerful mix propelling SCM into the world of tomorrow.
Effective and easy-to-use IT security management system based on the latest standards and regulations — from planning and establishing the security concept to certification.