Usually when the topics of security and coffee are raised in the same sentence, one of two thoughts comes to mind:
- Very late nights in the past resolving a security incident
- Stalking (i.e. hackers breaching free Wi-Fi hot spot services at local coffee shops)
- Leveraging a simple cup of coffee as a mechanism for breaking the ice and building a relationship with the leaders of business units within your organizations
I strongly believe there should be a third:
Too many times I’ve walked in early to a customer meeting to find the IT Security group introducing themselves to the leaders of other departments within their own organizations for the first time.
This event is typically driven by an upcoming project to secure item “XYZ” which involves a new application or process. Although this is a less than perfect situation, it is better than the alternative where the business does not consult IT security until the organization suffers a breach, possibly from this new project.