CHAPTER

11

The Security Value of Failure

The first key value in Security FORCE is failure. In Chapter 10, I discussed how hard it is for information security professionals to embrace failure, while emphasizing its place in people-centric security. In this chapter, I will go into much more detail about just why failure is so valuable to InfoSec programs, what behaviors are associated with accepting failure as a value proposition, and how to measure and incorporate these behaviors into an existing security program.

What Is the Security Value of Failure?

Most of the security programs and leaders I interact with have a special relationship with failure. They fear it and loathe it. To them, failure means that you are not good at what you do, that ...

Get People-Centric Security: Transforming Your Enterprise Security Culture now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.