CHAPTER 6: SECURITY AND CONTROL APPROACH
“Security is the chief enemy of mortals.” William Shakespeare
Security is indeed the chief enemy of mortals. We humans are made to overcome challenges, solve problems, and forge ahead. In the history of classic IT security, where the emphasis is on confidentiality, integrity, and availability, necessary practices and controls meant longer, slower, more expensive – but not necessarily better. Further, the implementation of improved controls (at the expense of “sexier” IT projects most often) have not resulted in a permanent improvement in the security status because the threat to electronic information assets in every arena is rapidly expanding, creating a frustratingly rapid (upward) moving bar.