Why cyber security can’t just say “no“

Think about how easy you make it for your users to share information with third parties. If they’re using Dropbox, wetransfer, files.com… then you’ve just made the job of your compliance and incident response teams much harder…:

[…] While the security department refuses a request with a simple gold-plated “no”, the problem won’t just go away because the business need won’t just go away. On the contrary, that slight problem might be the smoldering ember that will spark your next security incident. Then incident responders will get awkward silences instead of answers to their questions, preventing a quick, thorough investigation.


Original article