The Security Value of Resilience
Suppose your organization has maximized the first two key values of the Security FORCE Behavioral Model, failure and operations, discussed in Chapters 11 and 12, respectively. You have set up the requisite operational behaviors and visibility to ensure you can detect errors and mistakes. And you have rebooted your understanding of failure itself, becoming adept at identifying failures while they are still small. What comes next? That’s easy: you’re going to experience a security incident. Failure is like disease, like sadness, like pain. No matter how good you are at anticipating and avoiding failure, everyone fails eventually. Highly reliable security programs (HRSPs) are no different. They tend to ...