Beside the who, the how and the where - security is a lot about the "when".
In the best of worlds, you will be able to deter an adversary from even trying to compromise your system.
If not, can you prevent the attack from succeeding?
If not, can you detect the intrusion in a timely fashion?
Once detected, can you contain the attacker and prevent a wider compromise?
Finally, can you swiftly restore your system to agreed service levels?
Better get the chronology straight. Security is a lot about timing.
(some of) my events
- 2019-10-08 Riskkollegiets seniora pris (co-hosting seminar in Gothenburg)
- 2019-08-22 RISKUT 2019 (co-hosting conference, Stockholm)
- 2019-06-18 Certifierad IT-arkitekt (guest lecturing, Stockholm)
- 2019-05-15--17 Teknisk informationssäkerhet (teaching course, Stockholm)
- 2019-03-27 Beyond the Static InfoRisk Assessment (presenting at Åre Risk Event)
last chance...
No comments:
Post a Comment