Switching to the Offence Defence wait what?

Lately, the Preventative Doesn’t Work Quick / Well Enough So All Heads Turn To Reactive Security has had its effect. But not the intended effect of doing both, just the latter it seems [yes, I know].

And, where the FLOT hadn’t been up to it before, often by lack of proper budget, the hardly sufficient funds have been shifted. Recipe for …

Indeed, the Reactive part had been neglected much too long, but a shift was not asked or, but a doubling of efforts on both sides (?). Hence, the now ‘new’ SIEM et al., may have had all the attention but that doesn’t mean success (yet!), objectively.

And subjectively, maybe less — ’so what did you do with the money ..?’ — also caused by the shift-not-double of allocations (budget, in Count da Money, time and supremely capable staff).

Not so strange, when you go, at a strategic level, from one point (/) solution to another…

So, the way out ..?

This is 2017. Do it in the mix. As presented here and here. But certainly here.

I.e., find the balance and play chess at Grand Master level on all boards (including B~ see last Thursday’s post below). Starting at the front, your attack surface, by means of Activity-Based Access Control and Integrity of Systems. And all other stuff you did in the past but have to bring back up to snuff and clean out like Augeas’ stables (thinking of your ‘user administration’ here).

And then realise that all this is still asymmetrical to the hilt, so absolutely not enough. Do not throw away what you built over the last year / and a half but extend it… With smart fill into the matrix of this. Which should be much cheaper than (thinking, faintly trying) to tighten your FLOT shut; the thin red line that it is. And with this blended approach also much less hindering the Good ones.

[Oh, edited to add after schedule-time: this. For the balance… But will, I think per Feb 27, return with a high(er)-level view why ‘preventative’ and ‘in control’ are definitiely two distinct things…]

Plus:
20140905_201502
[No you st.p.d that’s a blue’ish-and-white’ish line of sorts; Noordwijk]

Advertisements

About maverisk

Maverisk Consultancy, IS Audit and Advisory services: Wikinomics meets governance and audit; otherwise, see my personal LinkedIn profile
This entry was posted in ERM, GRC, Information Risk Management, Information Security, Innovation (technologicallly driven), Sociological, psychological notes and tagged , , . Bookmark the permalink.

2 Responses to Switching to the Offence Defence wait what?

  1. Pingback: You Don’t Call The Shots | Maverisk

  2. Pingback: You Don't Call The Shots

Your comments are welcomed!

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s