Drazen Drazic

About Drazen Drazic

Drazen Drazic is the CEO of Securus Global. Securus Global is one of the leading Information Security consulting organizations in the Asia Pacific region - also servicing clients from around the globe. He is directly engaged as a strategic consultant by many organizations, across most industry sectors on matters to do with Information Security policy and strategy. In earlier times, he has headed up Information Security for a large global investment bank and Big 4 professional services firm, worked as a regional IT Director, and has spent many years promoting and talking about Information Security. He is also the chief writer on the IT Security Management site, Beast or Buddha.
Author Archive | Drazen Drazic

“Compliance” setting your whole security strategy is wrong….

By on July 6, 2010 in Community Manager, Enterprise Applications, Information Technology, IT Compliance, Security, Software

We’ve talked quite a bit about PCI DSS compliance here. Generally, we’ve looked at what is going wrong, what can go wrong and from there, what organisations should be considering to do it better. Looking at it from a slightly different perspective here but not wholly new either – we’ve touched on and skirted around [...]

Read full story Comments { 0 }

Looking at What Makes Good Application Security Knowledge

By on January 30, 2010 in Community Manager, Security

It’s always interesting reading about larger scale fraud like this one recently with the Bank of Queensland. You wonder in cases like this, had the accused pulled the pin earlier, would he ever have gotten caught? You wonder how many do get away with it – stopping before obvious alarm bells start to ring? What [...]

Read full story Comments { 2 }

Clouding the Solution Landscape: Mediocrity vs Strategy – Going the Easy Path….

By on November 5, 2009 in Community Manager, Information Technology, Security

We live in a time where 10 years ago is deemed as ancient history (from an IT view), a time that is well past, so different to today – a time that aside from reflecting on where we came from, provides little more to help improve what we have today. Information Security is hampered by [...]

Read full story Comments { 5 }

Data Classification Policies – Forgotten Purpose

By on October 23, 2009 in Community Manager, Guest Bloggers, Information Technology, Security

Data Classification.  I’m not sure I have ever seen an implementation of a Data Classification policy that I would say, is very successful. It’s a scary thought given that Data Classification is a key foundation policy for Information Security. For those who have implemented a Data Classification policy, ask yourself these questions. (For those that [...]

Read full story Comments { 0 }

Overcomplicating Information Security and Risk Management

By on September 22, 2009 in Community Manager, Featured stories, Guest Bloggers, Information Technology, IT Decision-making, Networking, Security

If I had to highlight a key problem area for organizations when it comes to how they approach Information Security and Risk Management overall, it would be the over-complication of their implementation(s), or lack thereof. (Sounds strange for the latter but it’s that “complication” that also results in the “lack thereof”). Technology has done little [...]

Read full story Comments { 3 }

Is The CIO Right For Information Security Issues?

By on August 5, 2009 in Community Manager, Security

Drazen’s post hits on a touchy topic. But the forces affecting IT managers these days is as much about protecting the network as managing it. There are some CIO’s out there who do a great job in coming to understand and actively monitor the risks they face. On the other hand, there are many CIO’s [...]

Read full story Comments { 0 }

Review of Information Security and Risk Management Strategy – Complex or Straightforward Exercise?

By on July 22, 2009 in Community Manager, Information Technology, IT Decision-making

In any strategic planning cycle, performance and strategy re-assessments are a vital component in keeping a strategy effective and up to date. One way to measure the performance of the Information Security strategy is to develop a set of metrics that include benchmarks across the various phases and sub-phases of the strategy. The goal of [...]

Read full story Comments { 0 }

CSOs becoming CIOs……A Natural Progression?

By on July 15, 2009 in Community Manager, Guest Bloggers, Security

Welcome Drazen Drazic, our newest guest blogger. Drazen’s posts will be a feature of our Wednesday coverage of the data security world. Drazen is the CEO of Securus Global. He is a strategic consultant, working across several industries on matters to do with Information Security strategy. Drazen is also a blogger. Heis the chief writer [...]

Read full story Comments { 1 }