Chapter 4

Risk-Based Approach to Security


Security is a topic that organizations are concerned about. Most people do not even get surprised anymore when they hear about information being compromised and organizations being attacked. Security is a top priority for some individuals, many organizations, and most nations. However, while everyone likes to talk about security, very few organizations really know what it means to “be secure.” It is easy to say you are secure but it is hard for people to quantify and validate that they are implementing the proper level of security. Most people focus on the devastating impact that the APT can have on an organization but do not spend enough time on how to defend against it.

Organizations not ...

Get Advanced Persistent Threat now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.