Just on this weekend I stumbled upon Mike Rothman's blog. Just by reading two days of his postings and I'm already planning to buy his PDF book "The pragmatic CSO". First because I already have good feelings about anything that uses the word "pragmatic". Second, his postings are so intelligent that I'm really wiling to see what advices he has prepared for a CSO like me.

Today he made a brilliant observation about the discussion about which kind of threat is more important, internal or external. Usually I end up on reading and researching more about internal threats because I think the problems involved are more interesting, but he's made a point on saying that it doesn't matter if it's internal or external, but if it can reach your business systems. one of his phrases: "Enough of these ridiculous insider vs outsider delineations. Protect your damn business systems and the nomenclature will work itself out.". Really loved that.

I'll keep reading it. The format of his comments ("top blog postings") is exactly what was my intention to do here. Unfortunately I have to spent a few more minutes when I'm writing in english, so I'm not able to keep the postings coming. Have to change that this year.