In military operations, what is valued is foiling the opponent’s strategy, not pitched battle’. – Wang Xi.

The previous chapters put heavy emphasis on governance, management and policy issues in relation to assessing information security. They are also heavily centred on the issues of strategic significance. It is time to pull up your sleeves and dive into the realm of tactics. Inevitably, this means that the upcoming discourse will have to be more technically inclined. As stated in this book’s preface, however, providing detailed checklists or hands-on testing manuals is not the intended goal. We are not competing with, for example, OSSTMM (Open Source Security Testing Methodology Manual), not ...

Get Assessing Information Security: Strategies, tactics, logic and framework now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.