Chapter 18
Security Operations
As the saying goes, “security depends 30% on technology and 70% on management.” Most important to a company’s security is the outcome. Although the plan can seem wonderful, it still needs to be inspected for its effectiveness.
As mentioned in Chapter 1, “Our World View of Security,” security is a continuous process. And the aim of security operations is to be a continuous process. A healthy company should depend on security operations to be threat free.
18.1 Make the Security Operated
How do Internet companies create their own security blueprint? Speaking from a strategic viewpoint, Aberdeen Group mentioned three phrases: find and fix, defend and defer, and secure at the source (Figure 18.1).
Figure 18.1
Get Web Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.