[Infowarrior] - Good Read: Infosec-v-Investing

Richard Forno rforno at infowarrior.org
Mon Jul 9 10:18:00 CDT 2012 

(This is  well worth a few minutes of time.  Gunnar makes some excellent points and echo similar things I and others have said in recent years both publicly and privately.  Definitely some good food for thought!  --rick)



I am a better Security Pr​o because I am an Investor & I am a better Investor Because I am a Security Pro. - Why investing is important, and why Security Pros are uniquely suited to it

Society of Information Risk Analysts Conference

By Gunnar Peterson

May 7, 2012

Thanks to Jay Jacobs for allowing me to speak on this topic. I am going to take you a little off track but I hope the journey will be worthwhile from personal and professional development standpoint, we will return in due time to infosec topics. 

Effective information security and investing require similar skills - risk management is the obvious one but it goes way deeper than that.

First, good investors foster a defensive mindset - they know they are playing a losers game and act accordingly.

Next, investors deal with data ( but only to a point) - investors have great historical data and next to nothing about the future risks - sound familiar?

Last, "Hacking the system" mentality pays off - good investors find obscure features nobody cares to see and figure out how to exploit it.

 What I really want to talk about is the shared mindset of successful investors and what infosec can learn from it. I would like to offer my thoughts on this and leave plenty of time for Q&A and open discussion.

 Learning about and practicing investing offers security pros concrete benefits - on a personal level protecting money (always welcome), but really we're used to thinking in terms of retirement pensions and this is no longer the case. Most everyone will need to manage their own retirement, start now; finally there is a professional benefit in the sense that once you understand the capital dynamics of certain business decisions that formerly made zero sense become crystal clear with an capital allocation hat on.

< - BIG SNIP - >

http://1raindrop.typepad.com/1_raindrop/2012/05/i-am-a-better-security-pro-because-i-am-an-investor-i-am-a-better-investor-because-i-am-a-security-p.html

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

More information about the Infowarrior mailing list