Chapter 2. Security as a Process

In the first chapter, we talked about understanding information technology as a system that includes the individuals that interact with the technology, as well as the organization that invests in and controls the system. We provided you with some concepts that you can use to define and document your system as a whole. In this chapter, we'll take the static snapshot of a system and move it into a dynamic environment that is constantly changing. Because of constant change, securing your IT resources is no longer a single straightforward action, but a series of continual steps that make up a never-ending process.

Featured in this chapter:

  • The myth of total security

  • Risk mitigation

  • The system development lifetime cycle ...

Get Mastering™ Network Security, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.