How Replacing My Roof Mirrored Information Security – Part 4

Baby Steps

In security, we often want to boil the ocean! Rebuilding a roof is a series of small steps, each one significant and built upon the other.

First, the rafters, eaves, and fascia. Then, the plywood and flashing. Afterward, paper, and then finally, the shingles.

Each one building on the other. Each one insignificant alone, but fundamental together. Putting together an Information Security Program is the same way.


  • Find your unknown unknowns.
  • Stop the bleeding.
  • Put together a plan.
  • Start healing and building.
  • Revisit the plan often, execute, iterate.

Moral of the Story

Rome was not built in a day. Slow and steady wins the race.

Little streams make big rivers.

You get the picture: take one step at a time. 🙂

Looking to build and secure something big? Get in touch… [email protected]
