Blog

Can you use ONE WORD to describe the most important information security solution in your arsenal

One word

On LinkedIn there was a word game in the group “Information Security Community“. The deal was to name what you think is the single most important thing in IT security. The now over 1 year old discussion is still active and keeps popping up in my LinkedIn newsletters. While I do not agree you can put a single word on the most important thing, I do however find the discussion interesting as it could put a perspective on security when we look at the data that can be collected from this.

Collecting the data

After browsing the discussion I decided to extract all the answers from the thread, process it and try to visualize what everyone is thinking is their single most important thing in IT security.

I developed a small tool which processed the text from the thread, removed all the garbage and collected the words.

Once I had the code ready I got the following stats from it:

  • 268 unique words
  • 471 words total
  • 697 total comments in thread

I only collected the posts which was submitted as one word only. I realize I missed out on some replies as the word they submitted was in a post with more than 1 word, but I do not want to over complicate the code nor do it manually. The words and numbers in my excerpt of the thread is still relevant.

Visualizing the data

My idea for visualizing was to make a cloud of all the words, and based on how many mentions the word has the bigger the item. A mind map tool is perfect for making this. I decided to go with https://bubbl.us/. This online tool is free and worked just right for what I was doing.

Word cloud
Infosec Tree

 

The top words in the clouds are:

  • awareness 44
  • education 34
  • people 13
  • training 11
  • diligence 8
  • knowledge 7
  • intelligence 6
  • experience 5
  • monitoring 5
  • prevention 5
My conclusion is that the general awareness around security is very important and most definitively needs to improve. If we can train and educate our people, we will increase awareness and in turn make us inherently more secure.

[important]I encourage you to leave a comment below and discuss![/important]

Extra: All words with 2 or more votes

Words with 2 or more votes

Extra 2:

I posted a link to this article on http://www.reddit.com/r/netsec and a user called Chocolategirl made some http://wordle.net pictures out of the words. They turned out real good.

About Information Security Community

Join our prestigious Information Security Community on Linkedin, G+, and FB – the largest community of infosec professionals in the industry.  Let us build a network that connects people, opportunities, and ideas.  If you are involved in purchasing, selling, designing, deploying … or using information security solutions – this group is for you.
Covered topics include compliance, encryption, anti-virus, malware, cloud security, data protection, hacking, network security, virtualization, and more…

 ~ “In line with its Mission, Vision, and Objectives, the Information Security Community is influencing and nurturing the present and next generation of Information Security Professionals for today’s unrelenting demands(c),” confirms Virginia Benedict, Managing Curator/Media & Vendor Alliance Program Director (since 2009)

Chris Dale

I'm Chris Dale from Norway, founder and principal consultant at River Security (https://riversecurity.eu/). Along with my security expertise, I have a background from system development and application management. Having a vast and broad experience in IT certainly help a great deal when working penetration tests and incidents.

I am an open, sharing and engaging person to be around, some even think I'm funny. I am usually enthusiastic and motivating when I work, and usually positive and optimistic about the general problems I encounter. I am passionate about security, both IT and physical security, which is one of the reasons I do a lot of public speaking at different events such as classes, conferences and workshops.

Driven by mottos such as "Magic is just science we don't understand yet" and "Think bad, do good", I attack today's security challenges with eagerness and enthusiasm. I consider myself a pragmatic person, with the ability to think outside the box, keeping the business in focus.

I also teach for SANS. My primary class I am teaching is Hacking Techniques, Exploits & Incident Handling. This course prepares you for the GIAC Certification in Incident Handling (GCIH). I find it extremely motivating and fun to teach others the art of security and hacking, and I often find that my passion and enthusiasm rubs off on my students.

http://www.securesolutions.no

3 thoughts on “Can you use ONE WORD to describe the most important information security solution in your arsenal

  1. Might I recommend a word-cloud that sizes the words based on their frequency? It’s a better quick glance view of the information. http://tagcrowd.com/ or http://www.wordle.net should do the trick.

    1. Hi Jordan, 

      Good idea. I’ve already seen someone compile a Wordle cloud out of it and it looked amazingly good. I’ve asked to copy them and put it on my site. Thank you. 

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top