|
Size: 1057
Comment: Add nakedsecurity note.
|
Size: 1332
Comment: Add old comment.
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 16: | Line 16: |
| * 2009-08 ISACA conference * Move security from just compliance to Risk management * Business should be in control of risk * Do Not put measures in place that prevent the business of being successful * Focus more on the Data and less on technology |
Security comments and one liners
201311 from http://nakedsecurity.sophos.com
The first step is to stop trusting your client devices. All of them. This can be quite liberating as it’s a great opportunity to focus on what is really important to your organisation and ensure security resource is focused appropriately.
- 201303 - Charles Renert, vice president of Websense Security Labs told Security Week:
"Controls like patch management cannot eliminate risk exposure; they can only reduce risk to what you already know. Given the increasing frequency, severity and sophistication of the latest threats, the risk gap from unknown attacks across these kinds of vectors is on the rise. Rather than looking to update a single object or signature at a single point in time, companies must review the entire threat lifecycle and examine multiple opportunities to disrupt attacks."
- 2009-08 ISACA conference
- Move security from just compliance to Risk management
- Business should be in control of risk
- Do Not put measures in place that prevent the business of being successful
- Focus more on the Data and less on technology
- Move security from just compliance to Risk management
...