Who exactly are we writing our security policies for these days? Compliance Officials? Legal Professionals? What about our employees?
Most security policies (and supporting documents) are written in ancient arcane runes that few people can decipher (or would even want to). In a society that increasingly gets its news from "The Daily Show", reads blogs instead of books, and has everything made simpler every day, why on earth would we want to continue making our security policies read like the cliff notes for ‘War and Peace’.
Over the course of this 1-hour presentation, Brad Bemis will discuss the potential benefits of taking a ‘For Dummies’ approach to policy development (and more). For a quick primer on the subject, you can read Brad’s recent article ‘Policies: What I Learned From Being A “Dummy”’ on InfoSec Island.
