Big Picture
Common pitfalls in conducting risk assessment are
Controls in place are not explicitly stated as assumptions
Lack of big picture

A Protocol
The road is clear, so what are these pedestrians waiting for? This is because all road users need to observe

Policies #3 (From Directive to Enforcement)
1. Use case
Authenticate the user of parking is "Aliens" status, a yes/no decision
Grant usage duration
Disclaim loss/damage responsibilities
2. Enforcement

Foundation
Proper cybersecurity in an organization must have a foundation. The effective approach is driven from the top to mandate integration

Insider
This is a popular topic in the boardroom too. No matter how much cyber protection technologies are invested and deployed,

Insecurity
The road system in the physical world is designed for safe (secure) use - sign board, speed limit, road shoulder, proper lane

Back Door
Each house has its own perimeter to control entry. However, behind the perimeter, they are mutually accessible at the back

The Race
It's about attack and defense in cyberspace. In the early days, breaking login is via password brute force attack

Cyber Citizen
We are really living in the cyber era. From early childhood, kids will touch on device, get connected or even

Tagging
A tag or label is an important aspect of documenting cyber assets like hardware components or cabling. This is not an

Access Control #2
Access control is intended to allow only authorized subjects to reach the protected resources. A comprehensive assessment including penetration test

The Past
Earlier, I talked about network anomaly detection. It is the kind of technology based on the past activities to predict