Complexity is the enemy of security

My passion is to make information security for companies as simple (and understandable) as possible and at the same time reach an optimal level of security that fits the context of the organisation. After all, it is not the question whether companies are experiencing data leaks (for example as a result of a hacker or because of activities carried out by employees), but it is the question when and how the company is going to get out of that situation. A euro can only be spent once, it is therefore important to implement resources on the most critical processes of data in a company. That is my goal and how we reach that goal differs every time. I am straightforward and I can hold up conversation with developers about code, with system administrators about IT-infrastructure, with network administrators about VLANs and protocols, with security about challenging the latest results of the pentest and with middle- & senior management about how all these security measures can support their business or even help them improve.