Solving problems is often easier when you do not over-think things. As much as I did not understand the value of the K.I.S.S. (keep it simple stupid) approach in my younger years, I have grown to appreciate what it can do for us in business. Simplicity should be your top goal for managing information risk. Information security is complicated enough as it is - we do not need to make things more difficult. If you keep things simple and work toward better - and smarter - security up front and moving forward, I guarantee it will make a positive difference.
Kevin Beaver is an independent information security consultant, author, keynote speaker and expert witness with Atlanta-based Principle Logic LLC, where he specializes in performing independent information security assessments in support of risk management and compliance. He has authored/co-authored seven books on information security including the brand new "Hacking for Dummies,3rd edition" and "The Practical Guide to HIPAA Privacy and Security Compliance". He is also the creator of the Security On Wheels information security audio books and blog providing security learning for IT professionals on the go. You can reach Kevin and link to his blog and Twitter account at his Web site www.principlelogic.com.