Trust, But Verify

Doveryay, no proveryay is the Russian pronunciation of “Trust, But Verify.” I often heard this (in English) spoken by, and about, President Ronald Reagan in the 1980s, referring to U.S. and Russian nuclear disarmament treaties. That Ronald Reagan turned this rhyming phrase back on the Russians was probably lost on most Americans. It certainly was on me.

In the cybersecurity, privacy, and information systems audit industries, we use this phrase often to depict the need for quality.

I say “quality” here for a reason. Security and privacy are really business quality issues. Security and privacy related defects in business processes and information systems are really quality issues.

Trust, but verify, appears in the opening paragraph in Chapter 3 of CIPM Certified Information Privacy Manager All-In-One Exam Guide that is to be published in May 2021. The draft manuscript is complete; my colleague, J Clark, has completed his technical review. What’s left is copy editing (about half done), page layout (not started), and proofing (not started). Lots of steps. The excerpt:

Trust but verify is a Russian proverb that is commonly used by privacy and cybersecurity industry professionals. The complexity of information processing and management, which includes layers of underlying business processes and information systems, invites seemingly minor changes that can bring disastrous consequences.”

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.