O'Reilly logo

Assessing Information Security: Strategies, tactics, logic and framework by Andriej Michajlowski, Konstantin Gavrilenko, Andrew Vladimirov

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER 2: SECURITY AUDITING, GOVERNANCE, POLICIES AND COMPLIANCE

. . . in strategy everything is very simple, but not on that account very easy.’ – Carl von Clausewitz

In the previous chapter we emphasised that the most dangerous flaws are the flaws of security strategy. We have also discussed a few examples of such flaws. Strategic failures generate chain reactions of secondary and collateral shortcomings, many of which eventually become exploitable vulnerabilities – technical, process and human. This is common sense that applies to numerous fields of expertise:

  • When your strategy is deep and far reaching, then what you gain by your calculations is much, so you can win before you even fight. When your strategic thinking is shallow and near-sighted, ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required