![]() That's what it takes to maintain a secure organization. In one recent headline, the business was completely destroyed and the owner is looking at jail time. If the fundamentals are done well, detail items can fail and the business survives intact, but fail at the core and the business feels significant impact. Focus is essential, because if we lose focus for even a single day, it can mean compromise and declaring an incident. Information security programs and governance reporting should reflect the essential components and concerns and not get bogged down in detail or peripheral issues. Time and time again we read about incidents that would have been prevented if the organization had spent a bit more time on the fundamentals, and a bit less on whatever distracted them. This makes the business resistant to malware, ransomware, downtime, loss, industrial espionage, and every other bad thing. The fundamental dozen core things that need to get done to maintain security and operational integrity.ĭo them relentlessly. There are some minor differences in industry alignments, but the core of what they say and how it impacts the organization security remains essentially consistent, and these new publications reflect that. I have a stack of recent publications from multiple governments, industry organizations, and various publication growing daily, all of which I have to read, discussing "new" security guidance. ![]()
0 Comments
Leave a Reply. |