The eight rules of security

Tuesday, 13 January 2004, 12:24 PM EST

Recently I have found myself with the opportunity to continue my ambassadorial role as it comes to information security, and provide some teaching on the basics of security as it relates to business. As I sit here and reflect on just what should be covered in a span of 15 minutes to give the most in depth understanding, I realize that its not such a simple task. Traditionally, people look at the infosec field as something to do about firewalls and antivirus. They treat technology as THE solution, instead of simply the enabler. And itís this fallacy that weakens any security implementation. Security is a process, not a productÖ and should be treated as such. Through the security lifecycle, policy and procedure needs to take precedence over implementation. Itís a bigger part of the circle for a reason.

Anyways, as I think about it more I realize that there are eight components of any good security decision. This isnít new, and has been covered off in writings from people like Kevin Day years ago. And it still applies today. What it comes down to is eight simple rules (commandments so to speak) of information security.

By Dana Epp.

[ Read more ]


The role of the cloud in the modern security architecture

Posted on 31 July 2014.  |  Stephen Pao, General Manager, Security Business at Barracuda Networks, offers advice to CISOs concerned about moving the secure storage of their documents into the cloud and discusses how the cloud shaping the modern security architecture.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Aug 1st