Beside the who, the how and the where - security is a lot about the "when".
In the best of worlds, you will be able to deter an adversary from even trying to compromise your system.
If not, can you prevent the attack from succeeding?
If not, can you detect the intrusion in a timely fashion?
Once detected, can you contain the attacker and prevent a wider compromise?
Finally, can you swiftly restore your system to agreed service levels?
Better get the chronology straight. Security is a lot about timing.
(some of) my events
- 2019-04-09--11 Operativ informationssäkerhet (teaching course, Stockholm)
- 2019-03-06--08 Strategisk informationssäkerhet (teaching course, Stockholm)
- 2019-01-29 Certifierad informationssäkerhetsarkitekt, del 1 (co-teaching course, Stockholm)
- 2019-01-10 Certifierad IT-arkitekt (guest lecturing, Stockholm)
- 2018-12-13 Datakommunikation och IT-säkerhet (guest lecturing, Högskolan i Gävle)
2015-02-16
Subscribe to:
Post Comments (Atom)
last chance...
