Ever been asked to conduct a pen test—with a herring? Provide a secure shrubbery: “not too big?” Been confronted with “Ni” “Peng” or “Nee-wom” in response to your security practices? Welcome to the Monty Python-esque world of RFPs and security attestations. Learn to decipher what the real security concern is and get to “yes” (and determine if it’s a cute little bunny rabbit…or a vicious killer).
1: Understand why “checkbox based security” isn’t good security
2: Learn how to ask legitimate, clear questions internally and externally to advance your security plans