The authors describe how latent errors (such as gas leakage at an oil rig) combine with enabling conditions (a windless day or a welder working nearby) to cause failure (think of the BP Gulf disaster).
Lessons for InfoSec are to leverage incident reporting to catch smaller mishaps and to explicitly manage vulnerabilities as a precursor to risk identification with threat sources.
No comments:
Post a Comment