I read your book and it all made sense to me. I like that there are simple and cheap options for the problems I’ve struggled to deal with (no salesman has ever pointed that out oddly enough). But I was reading something from <noted cybersecurity expert> yesterday and he basically said the exact opposite of what you did on several issues. He agreed in others, but still. This is the problem I have with cybersecurity: everyone sounds like they know what they’re talking about, but I can’t follow your advice and his advice and the advice of my IT people.
– Logistics Company CEO
I hope I made it very clear in the book that I was one voice of many, and that my advice was not the be-all and end-all, but a starting point. I actively encourage everyone who is struggling with these issues to start here, and expand the voices they listen to once they get comfortable with the issues at hand.
Having said that, you’re right in that there are a lot of opinions that all sound good and make perfect sense. Who to believe? Or rather who’s advice should you follow? Two things to consider:
What specifically is the problem you’re facing and which piece of advice IS THE MOST APPROPRIATE FOR YOUR CURRENT SITUATION?
Things will change. Rapidly. What makes sense today might not make sense in a year, or even a few months. Constant vigilance is one of the prices you have to pay in order to maintain a reasonably secure enterprise. TODAY I MIGHT BE RIGHT, BUT TOMORROW I COULD VERY WELL BE WRONG.
The subject matter expert who has never held a position in industry, or is speaking about a lab-perfect solution that’s never been put to use in real-world environments is still the last person you should be listening to for reasons that should be obvious. Solutions or advice that don’t take into consideration how you work or how people behave are no solutions at all. I might not give advice that meets their ideal, but then I’m not doing this gain nerd cred, I’m doing it to help you – the SMB owner/executive – make sense of one of the most confusing yet critical issues of the day.