When deploying protection or counter-measure, it is necessary to understand

  • If new risks are introduced?
  • Will these new risks even exceed the consequence of do nothing?

An example is DLP (Data Leakage Protection, not Prevention).  It requires “super” privileges to access every resource being monitored to alert sensitive information being shared improperly.  Even though this might be a system account, mis-configuration or process weakness could exploit the DLP to leak more sensitive information to unintended recipient.

Leave a Reply