...it's at risk from people. Technology itself is neutral.
This seems obvious but we are getting it wrong all the time and attackers are profiting. We're so easily distracted by the shiny objects and expensive toys of InfoSec that we ignore the core principles - which is what TRULY makes the difference. Technology leaders must get the fundamentals right and develop their defenses in the correct order and in-depth:
- the right people - trained.
- the right processes - followed.
- the right tools - funded and well-supported.
It has to be in that ^ order or none of it will matter.
Welcome to my site. Let's talk about it.
