Build a usable security plan
Information security teams understandably invest a great deal of their resources in preventive activities, such as firewalls and antivirus software. They also implement intrusion detection systems, log monitoring, and other tools for the detection and diagnosis of security compromises. These are good priorities--as the saying goes, an ounce of prevention is worth a pound of cure. While there is nothing wrong with information security departments that like to use an ounce--or even a pound--of prevention, what if they donít have an ounce of cure?
[ Read more ]