Opportunist Policy statement must be clearly defined and published. It must also be precise without ambiguity but subject to interpretation by Spare Capacity Availability is one of the protection objectives in cybersecurity. When deploying new systems, the design must cater for spare capacity. Surrealism It is easy to for artists to draw something or writers compose fictions beyond imagination. Such creation even stimulates innovation Purpose of control When we deploy control, we always have to understand what we are trying to achieve. In the illustration, if the Dead End Good cybersecurity policies (management directives) should avoid incorrect interpretation nor perception. Further down the road, if policies is not precise Different perspectives It is the same scene but different people will interpret it differently. Business managers or plant floor engineers have their We are all just prisoners here, of our own device ... Disruptive technologies and their rapid advancement have changed the way we live. With proliferation of Internet hotspot (mostly free) & Excessive and Unnecessary Control Adding control won't give you more security. I came across advices from other cybersecurity practitioner that overkills. Indeed, the insecure ROAM Remote Office Access Method (inspired by ISAM, VSAM in old days) has undergone significant changes over the past decades due WiFi Getting connected to the Internet for various activities (getting updates from email, news, social media, weather, checking maps, traffic condition Risk Evaluation Risk assessment is the approach to identify hazard and implement proper controls to reduce likelihood. When doing so, we should Do The Right Thing No matter in physical or cyber world, there are facilities built for people using them to achieve certain purposes - « Previous 1 … 5 6 7 8 9 … 22 Next »
