Chapter 20
Ten Tips for Getting Security Buy-In
IN THIS CHAPTER
Cultivate an ally and sponsor
Outline the benefits of security testing
Establish your credibility
Show value in your efforts
Dozens of key steps exist for obtaining the buy-in and sponsorship that you need to support your security testing efforts. In this chapter, I describe the ten that I find to be most effective.
Cultivate an Ally and a Sponsor
Although well-known breaches and compliance pressures are pushing things along, selling security to management isn’t something that you want to tackle alone. Get an ally — preferably your direct manager or someone at that level or higher in the organization. Choose someone who understands the value of security testing as well as information security in general. Although this person may not be able to speak for you directly, they can be seen as an unbiased sponsor, giving you more credibility.
Don’t Be a FUDdy-Duddy
Sherlock Holmes said, “It is a capital mistake to theorize before one has data.” To make a good case for information security and the need for proper testing, ...