Ask Not This is self-explanatory... Ask not what cybersecurity can do for you. Ask what you can do for cybersecurity. Each of Misplaced Control Security technologies are secure but if deployed incorrectly, the intended protection will be in vain. It is necessary to have Data-at-rest This is one of the commonly referred information states among data-in-use and data-in-motion. Within data-at-rest, there should be further taxonomy: Control #2 Most consider cybersecurity controls require hi-tech solution such as deep packet inspection, non-revisible encryption, biometric authentication with time of day Assumption Risk assessment is part of the risk management process to identify exposure, likelihood and business risks so that the necessary USB Port Misconception Most often, people said blocking USB port is a control in the company but somehow there is exception process to Cyber Risk Likelihood #2 In physical world, public touch points are not hygiene. The more people touch it, the more "dirty" it will be. Limitation Every technology or system must have inherent limitations: no matter itself or its environment. Say, surveillance via CCTV for physical Blockchain Everyone is talking about this great technology and every industry is trying to adopt in the business model. Without going Myths of DLP The cybersecurity industry commonly names DLP as Data Leakage Prevention. It lacks of qualifier because the technology just tries to Least Privilege Another practice in physical world is adopted in cyber world - least privilge principle. However, we must bear in mind Zoning Many cyber practices are actually adopted from physical world. Zoning is an example. Main purpose is to isolate object path « Previous 1 … 18 19 20 21 22 Next »