Chapter 2. Security Auditing, Governance, Policies and Compliance
‘... in strategy everything is very simple, but not on that account very easy.’ | ||
--Carl von Clausewitz |
In the previous chapter, we emphasised that the most dangerous flaws, are the flaws of security strategy. We have also discussed a few examples of such flaws. Strategic failures generate chain reactions of secondary and collateral shortcomings, many of which eventually become exploitable vulnerabilities – technical, operational and human. This is common sense that applies to numerous fields of expertise:
When your strategy is deep and far reaching, then what you gain by your calculations is much, so you can win before you even fight. When your strategic thinking is shallow and near-sighted, ...
Get Assessing Information Security: Strategies, tactics, logic and framework now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.