Building blocks of security are people, processes and technology ("PPT").
These days we rely more on technology than we used to.
Also, the amount of these ingredients will vary between organisations. Think of a highly regulated large entity, such as a bank, heavy in processes. Then think of a smaller company in another industry where no one ever talks about processes.
Why do some organisations seem to be doing well without adhering to this PPT scheme? What additional factor could help explain this?
(some of) my events
- 2018-10-03--05 Operativ informationssäkerhet (teaching course, Stockholm)
- 2018-09-05--07 Strategisk informationssäkerhet (teaching course, Stockholm)
- 2018-05-23--25 Teknisk informationssäkerhet (teaching course, Stockholm)
- 2018-05-17 Three Capabilities in a Crisis (guest lecturing at Mid Sweden University, Östersund)
- 2018-05-16 Info.säkerhet är inte "någon annans problem" (lunch seminar at Mid Sweden University, Östersund)