Policies. In theory they should be the backbone of any good information security program, but in reality few if any people actually read them and even fewer can understand what they mean. For ages we’ve been trying to solve this problem through education efforts, but maybe it’s time to look at how we construct policies in the first place and take a microservices approach to writing them?
You can download the full slide deck here:
Lead photo thanks to @SecurityBrew on Twitter!