[1]Resiliency is the new secure

  This is a good take on something I've been advocating for a long time.
  Wearing both the security and network manager hats as I do it's useful
  to remember the concept of the C-I-A triangle from your CISSP exam. The
  A stands for "availability", something a lot of security professionals
  forget about. To many see "confidentiality" and "integrity" as far more
  important. It kind of reminds me of the three branches of the US
  government. "Availability" is the Supreme Court of security.

  The three make more of a Venn diagram, really. The sweet spot is where
  all are in balance is what we should strive for as security
  professionals.

  Putting my network manager hat on, the triangle is more about
  performance, resilience, and value. I don't use cost as a metric for a
  variety of reasons, which will make for an interesting post on it's
  own. Yet again, where the three overlap is the sweet spot for network
  availability.

  The most fascinating aspect to these in my organization is the fact
  that the argument for both security and network are basically the same
  - what do you, the customer, want to pay for insurance that your
  location will stay up and running through most critical events?

  Interestingly, it just occurs to me that in both areas simplicity is
  critical to success. I've seen severely over-engineered network setups
  meant to provide redundancy only to have the actual outcome assure that
  the network is more vulnerable to outage. The same happens with
  security. Labyrinthine machinations usually keep people from doing
  their work and dives users to find ways around.

  What do you think about resiliency and simplicity as the aspirational
  end-game of security and networking?
    __________________________________________________________________

  My original entry is here: [2]Resiliency & Simplicity are the new
  Secure. It posted Sun, 20 May 2012 16:43:54 +0000.
  Filed under: technology, InfoSec,

References

  1. http://h30499.www3.hp.com/t5/Following-the-White-Rabbit/Resilient-is-the-new-secure-the-evolution-of-business-relevant/ba-p/5662331
  2. https://www.prjorgensen.com/2012/05/20/resiliency-simplicity-are-the-new-secure/

You are viewing proxied material from sdf.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.