Treat or Trick #2 I talked about "strengthening human awareness cannot be overlooked". The easiest penetration into a corporate network is via phishing email. Purpose of Control #2 When we deploy control, we must understand what is the purpose of the control. I came across certain cybersecurity practitioners Access Path A path is required at the barrier or perimeter for a number of reasons: reachability to/from destination with legitimate needs Control #4 The "Exit" has demonstrated various types of control to secure the physical perimeter while enable a "kill switch" to emergency In The Cloud We always hear people telling everything is now in the Cloud. Precisely, this is somehow incorrect. Even though there are Perimeter #3 One of the key controls in cyber world is the ingress/egress points to the network. Without sufficient control, threat actors Shared Responsibility I saw some awareness posters that cyber security is a shared responsibility. No doubt each of us plays a different Policy #12 In the illustration, there is implicit EXCEPT WITH PERMIT in real life. However, the bilingual "except's" are inconsistent.The Chinese version Ice Road This is seasonal - only happened a short while during winter time when lake or river is frozen with thickness Isolation #2 In pandemic disease era, facemask is a effective means to protect being infected via airborne transmission. This is usually voluntary Design & Build #3 Earlier, I talked about similar. When conducting a comprehensive assessment of a facility, we should not just look at the Policies #11 Policies are rules. They stipulate what are allowed and what not. Good policies must be practically achievable and enforceable, not 1 2 3 … 24 Next »
