Day One: Launch

Written By Jason Minor

What to Expect


Today the site launches, and with it, a new voice is projected into the electronic haze of data. The site will be dedicated to providing information on various topics related to IT Security in a positive and light-hearted way, as seen through the eyes of a security professional with over a decade in the field. The thoughts and opinions expressed are the author’s and should not be considered official, or used for any purpose other than entertainment and enlightenment. Expect to find how-tos, tips, guidance, resources and other errata related to IT Security. The subject matter can be heavy, so it will be interspersed with the occasional off-topic post, and of course.. there will be tea.

Every effort will be made to update the site daily, but there are no guarantees. As the site may consist of detailed articles, I suggest reading it on a computer screen, though it is not necessary.

On IT Security

When I use the term IT Security, I use it as an all encompassing phrase that includes the realms of Information Security (InfoSec) and Cyber Security (CyberSec), as well as the related fields of Operational Security (OpSec), Application Security (AppSec), Development Security Operations (DevSecOps or DevSec), Network Security (NetSec), Penetration Testing (Pen-test), Cryptography, Digital Forensics, Incident Response (IR), and finally Governance Risk and Compliance (GRC), and to a less extent Audit. Phew!

It should now be obvious why I choose the phrase IT Security.

As I am most familiar with InfoSec and CyberSec, the bulk of the site will be dedicated to these fields.

Here is the difference as I understand it to be:

Information Security

This field is dedicated to the protection of data in all its forms - electronic and physical.

Cyber Security

This field is dedicated to the protection of electronic assets - data and infrastructure.

Information Security professionals not only deal with security in the digital world, but also in the physical world. For example, they are tasked with ensuring proper security controls are in place to protect confidential paper documents. Whereas, Cyber Security professionals tend to focus on security controls that protect data as it exists in the digital world only (and all that goes along with that).

That’s it in a nutshell. I will dive deeper into various aspects of both fields in future posts.

For now, enjoy some tea.

Daily Cuppa

Today’s cup is Organic Earl Grey provided by Equal Exchange.

Fair Trade, organic, and bursting with bergamot!

Jason Minor
Previous

Valuable Resources Every IT Security Pro Should Know