The Security Value of Resilience

Suppose your organization has maximized the first two key values of the Security FORCE Behavioral Model, failure and operations, discussed in Chapters 11 and 12, respectively. You have set up the requisite operational behaviors and visibility to ensure you can detect errors and mistakes. And you have rebooted your understanding of failure itself, becoming adept at identifying failures while they are still small. What comes next? That’s easy: you’re going to experience a security incident. Failure is like disease, like sadness, like pain. No matter how good you are at anticipating and avoiding failure, everyone fails eventually. Highly reliable security programs (HRSPs) are no different. They tend to ...

Get People-Centric Security: Transforming Your Enterprise Security Culture now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.