A Day in the Life of Mordac

"Cybersecurity Analyst," "Infosec Professional," "GRC Associate"

….these are all fancy terms to describe what many developers, sysadmins, and engineers would traditionally call a 'Mordac.'

If we’re not bothering you to change your password one day, we’re yelling at you to finish your security awareness training and uninstall those 15 outdated versions of .NET Core on your machine the next.

We pump the brakes on your Agile Sprint, divert the flow in your CI/CD pipeline, and in general things would be nicer if we got out of the way and just let everyone do their jobs... sound right?

The reality is, the pace of technology today often moves WAY too fast to keep a ton of hard and fast rules in place, and rarely is a 'one-size fits all' approach a good idea. A good infosec team should be working with everyone involved in any process to evaluate and adapt to a constantly evolving risk landscape.

With that said, there are some guiding principles that usually apply no matter what framework or infrastructure you’re working with. Come hang out with Alexis Duffey, a modern Mordac, and hear about some of the security challenges involved in working in a small business tech environment, and why team #infosec maybe isn’t the worst team. Maybe.

Alexis Duffey is a Security Operations Center Associate at A.J. Boggs. Learn more about Alexis and A.J. Boggs at https://www.ajboggs.com

DILBERT © Scott Adams.