Having a new set of eyes is healthy, not threatening
In pentesting it is standard practice across the industry that before a report is issued it is reviewed by a colleague, both for technical accuracy and to catch spelling and other errors in the content.
This applies whether you are the most senior of consultants or the newest of juniors.
The simple fact is that if you try to check your own work you are likely to miss something. We often see what we expect to see, or what we meant to say, rather than what we actually did say.
It is much easier to check the work of others: a fresh set of eyes spots issues more readily than you can yourself.
The same is true when it comes to monitoring your own security systems. It is not a matter of complacency; it is a matter of objectivity.
When you bring in a fresh set of eyes, they are far better placed to see the gaps than you are yourself.
This is particularly the case when you already carry a heavy workload, as all IT departments do.
IT departments are the workhorses of industry these days and have a huge number of responsibilities, from implementing new systems, as has been the case throughout this year's move to remote working, to simply keeping things working as they should, which is challenging enough.
When you have to deal with:
- Making things work
- Keeping things working
- Deploying new services and solutions
- Making sure compliance requirements are adhered to
- Maintaining the security of the entire business
things can seem stacked against you.
The reality is that outsourcing some of the burden to a fresh set of eyes is the most sensible thing you can do.
It is not a question of whether you can do it; it is a question of how many hours there are in the day. In-house security staff can be the most 31337 around, but they cannot always be expected to have the time available to cover everything off.
Comment from a Network Engineer, Systems Engineer, Project Manager (4 years ago):
When you're paying for pentesting, you're paying for perspective. These folks go around and try to get through every type of security environment, jacks of all trades. In most cases they're going to get in because they have the experience required to get to point B. Blue team needs to present this as "we need to test our system and see where we can improve", and red team needs to present as "these are the threats you're likely to face and how you might be vulnerable to them". It's a test that reveals more information. If corp is making punitive decisions rather than progressive ones based on pentests, nobody wins. A debrief from a pentest should usually follow with a defense budget increase for equipment, hours, training and sometimes hardware.