I wanted to add some back story to Caffeinated Risk. We’ve been part of the security profession (both physical and logical) for the past few decades, worked together for some of that time and had a chance to learn about each other and our strengths. Over the past couple of years we’ve gotten together for coffee or lunch and, as two grumpy old security professionals do, started talking about our careers in security.
Both of us realized we have a similar goal – to give back to the profession that’s been so good to us. We thought a book would be a great way to help others…but that’s a lot of work! And we have real jobs we spend time at during the day. And I have a couple of dogs that are pretty needy…
So Doug came up with the idea of producing a monthly podcast for security professionals – by security professionals. We’d focus on the principles of Enterprise Security Risk Management (ESRM) and delve into technical and managerial topics regarding information security risk. The podcasts would be 20 to 30 minutes long and we’d interview other security risk professionals to learn how they worked through a project, a program, or their careers using a risk based approach to security.
It’s an opportunity for us both to talk about what we’re passionate about, how we struggled through the early parts of our careers and the lessons we picked up along the way. We’re not representing any company – the views posted here at Caffeinated Risk are solely our own personal narratives. We’re relying on all the mis-steps and successes we experienced to help others. We’ve got lots of stories so I’m not worried about finding material.
If you’ve made it this far, let me leave you with this final comment. Both Doug and I are doing something we’ve always wanted to do – give back to a profession that is in transition. We’ve seen how the security profession has grown from being the “department of no”, to becoming trusted advisors to organization executives.
Caffeinated Risk is our opportunity to talk about that journey.
And to let folks know how we learned that, in security, we don’t sign shit. Don’t worry, we’ll talk about that too.