Why Asset-Based Security Makes Sense
by Steven Drew - Thursday, 5 January 2006.
Strategically speaking, an asset-based security program keeps intruders out by ensuring that all individual security processes are focused on what matters most to your business-the risk faced by your critical assets. This allows you to quantify the deliverables each individual process using a uniform standard without comparing apples to oranges. As a result, you can accurately measure and evaluate your security program using a metric that is universally understood and directly aligned with your company's business needs. And, because accurate measurement is the foundation for continuous improvement, you now have the groundwork in place to drive change as the security of your critical assets demands it.

Implementing a strategic, asset-based security program is absolutely vital to protecting your critical assets from attacks now and in the future. Regardless of what the preferred method of attack will be in the future, the target will still remain the same. For a savvy attacker, a newly discovered exploit isn't the prize; it's only a means to an end. The information security landscape is dynamic in nature and attack vectors will continue to shift as the landscape evolves. During all of this, the one aspect that is guaranteed to remain constant is the attacker's focus on profiting from your assets. Approach your security program tactically without focusing on the assets it is meant to protect and you might as well let attackers drive, because they're going to choose which direction you'll be heading in anyway. Approach your security program strategically by focusing on your assets so that security decisions are driven by real business risk, and you will be able to efficiently address threats regardless of how they evolve.



Steven Drew is Chief Operating Officer of LURHQ Corporation, a trusted provider of Managed Security Services. Founded in 1996, LURHQ protects the critical information assets of more than 400 customers by offering integrated Threat Management services.

Spotlight

Whitepaper: Zero Trust approach to network security

Posted on 20 November 2014.  |  Zero Trust is an alternative security model that addresses the shortcomings of failing perimeter-centric strategies by removing the assumption of trust.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Nov 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //