Beside the who, the how and the where - security is a lot about the "when".
In the best of worlds, you will be able to deter an adversary from even trying to compromise your system.
If not, can you prevent the attack from succeeding?
If not, can you detect the intrusion in a timely fashion?
Once detected, can you contain the attacker and prevent a wider compromise?
Finally, can you swiftly restore your system to agreed service levels?
Better get the chronology straight. Security is a lot about timing.
(some of) my events
- 2019-05-15--17 Teknisk informationssäkerhet (teaching course, Stockholm)
- 2019-04-09--11 Operativ informationssäkerhet (teaching course, Stockholm)
- 2019-03-27 Beyond the Static InfoRisk Assessment (presenting at Åre Risk Event)
- 2019-03-06--08 Strategisk informationssäkerhet (teaching course, Stockholm)
- 2019-02-07 Säkerhetsarkitektur - ingenjörskonst eller hantverk? (hosting seminar in Falun)
last chance...
No comments:
Post a Comment