Enabling Business with Security

5 Laws, 4 Corollaries of Security

Where is the transformation happening? IT is being aligned with business to enable security officers to rope in more security measures.

Security Perception Changes

Before evolving the laws and relevant corollaries, it is also essential to look back as to why the field of information security is evolving faster than ever. Now, senior leadership across enterprises is taking interest.

Shift in Attackers

Attackers are after much more than traditional monetizable data drive hacktivism, state-sponsored attacks and IP attacks breaches.

Change in User Expectations

Security is being woven into service level agree-ments and price, process maturity and scale can only go so far assurance is also key.

Todays Social Concern: Hackernomics

A social science concerned chiefly with description and analysis of attacker motivations, economics, and business risk, hackernomics is characterised by 5 fundamental immutable laws and 4 corollaries.

5 Laws:

  • Most attackers arent evil or insane; they just want something.
  • Security isnt about security. Its about mitigating risk at some cost
  • Most costly breaches come from simple failures, not from attacker ingenuity
  • In the absence of security education, people make poor security decisions with technology
  • Attackers usually dont get in by crack-ing some impenetrable security control, they look for weak points like trusting employees

Corollary:

  • No budget to protect against evil people but against them who are looking for weaker targets
  • In the absence of metrics, we tend to over focus on risks that are either familiar or recent
  • Bad guys can, however, be very creative if properly incentivised
  • Systems need to be easy to use securely and difficult to use insecurely
  • Business teams and users are already consuming the best technology at will

The Plateau Effect: How enterprise is evolving

The three steps to business assurance are about having continuity, agility and governance.

Dr. Hugh Thompson, Senior VP & Chief Security Strategist, Blue Coat

Air Jordan XIII Slippers


Add new comment