15 years ago I was an IT security consultant for a large health insurance company based in Chicago. It was a good job, but soon after I started I was reminded of why I dislike consulting. The persistent feeling of having no real responsibility mixed with the cold Chicago winter was too much, so I went searching for greener grass at another company.
One of my departure tasks was simple. Write turnover documentation for the projects that I had been working on. The documentation was to be written so that a new person on the team could read it and fully understand the task. One topic in particular worried me, it was incident response. How do you write a document that would give a new team member all the information needed to conduct a successful incident response process?
The truth is, if you want to be an expert on any subject you have to study the topic. So instead of writing turnover documentation on incident response I left a list of links to white papers that, if read carefully, could provide a person with the foundation knowledge needed to be successful. Reading information security articles, tutorials, and white papers is one of the quickest, most direct ways to improve your professional standing.
Later on my list of links grew longer and I put it on the internet to share with work colleagues. This evolved into what is now SecurityDocs, the premier place to read technical information security documentation.
Be patient over the near future as we rebuild the site, add papers, and change the look and feel. I’ll post occasional updates of our progress.