Red Flag list for CISOs

Save time by detecting red flags early

Vicente Aceituno Canal
The CISO Den


The sheer complexity and number of subjects you need to handle when working as a cybersecurity manager often push people into trying to become a bit of a renaissance person, but unfortunately it is impossible to know everything.

It is therefore handy to be able to detect bulls**t, without necessarily understanding in detail why, and so save time when selecting solutions, chasing progress, understanding a situation and carrying out other managerial duties.

These are my favourite red flags:

  • Implement this standard and you will be secure
  • Install this solution and you will be secure
  • Rate all your risks and you will be secure
  • Implement this library / source code scanner and your software will be free of vulnerabilities
  • We filter that with zero latency
  • We are not qualified or certified but we guarantee the destruction of the data of your end-of-life devices
  • Our pentests are cheaper than the competition and just as good
  • We didn’t test restoring the data but it should be fine
  • We don’t know what proportion of computers don’t have anti malware installed but it is probably very low
