The moment I graduated from school and received my diploma in accountancy, I received a job offer to start as a junior system and network administrator. Simultaneously I got introduced to the world of cybersecurity. However, back then things were not as complicated as they are today. Like any other system and network administrator, I implemented various security controls like firewalls, IDS/IPS solutions, and anti-virus solutions. And sure, from time to time I needed to deal with a security incident, luckily mostly virus related. But it got me thinking.

Why is it so problematic to design, implement, and maintain a secure environment? Is a secure environment really a utopia?

Okay, true you can only invest your money once, and budgets are not unlimited. But what about the cost of downtime caused by a security incident? Or the cost of remediating the security incident? Okay, I recognize that a company needs to make money to keep the shareholders satisfied, but the shareholders will be extremely disappointed if the company is severely affected by a security incident.

As time passed, both the IT industry and I matured and gained more insights. That is the reason why I started the blog channel ‘Tales of a security professional’. A channel where I can share my experiences and raise awareness on various topics as I see fit so others can learn from my knowledge and experiences.