2Security Culture Will Fix Things

Introduction to Security Culture

Context

The cyber industry is relatively young, so you might expect to see a number of tried and subsequently discarded ideas littering the place, as the industry evolves and hopefully moves on. For example:

At one time the thinking was “we can do all this with logic”. Security was seen as a matrix with permissions granted to individuals along one axis, and sensitivity labels assigned to data on the other. Access to data could therefore be mediated through fixed rules applied to each cell [1].
Later the thinking was “we can fix this if we write enough standards” [2–4]. A number of mostly technical documents were developed, initially in the United ...

Get The Business of Cyber now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

The Business of Cyber by Peter Fagan

2Security Culture Will Fix Things

Introduction to Security Culture

Context

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly