Finding The Hidden InfoSec Story

Information Security is like the Analogies Project(!)


I have had a curious itch since I came across this useful and diverse initiative….I couldn’t put my finger on it till a few days ago when I found myself using the Analogies Project itself as a metaphor for the contextual aspects of Information Security.

The Logic runs like this…

Information Security Management is highly dependent on context.  This is because context dictates the relevance of particular frameworks, approaches and controls.

In the same way The Analogies Project contains a wide range of analogies and metaphor from a range of different perspectives (wherein lies its astonishing value). Though all are interesting, some are more use to me than others – because they are relevant to my particular context and circumstances.

In the same way that I draw on those analogies that fit my particular needs in a particular situation, a well run Information Security Management System deploys those controls, frameworks and approaches that are most effective in a particular set of circumstances.  As the circumstances change, the systems must be able to change too, much as we find new and interesting analogies to fit new communication challenges.

Clearly this is more effective when deployed to someone who is aware of the project…..though fortunately this is becoming increasingly common.

Author: Tom Fairfax

Share This Post On