Hear! hear! Are my thoughts when reading David Lacey’s blog post on software development, especially when I got to the last sentence.
“Security professionals should note these points, because the key to effective security is not reams of policies and tick-lists, but empowerment, effective solutions, large-scale collaboration and agile response.”
Sure, was at an ISACA conference the other week. Same theme!