The Best Practices are No Longer the “Best” Practices – Part II

Earlier this week, I shared my views about best practices and cybersecurity. Now I want to move beyond best practices as your sole defense. The traditional cybersecurity mindset is one of prevention, believing threats cannot penetrate — and this is why security plans fail. It’s easy to assume defenses are successful against an insidious threat. Metrics will show an effective compliance program, intrusion detection and access denial. Yet to take for granted that the threat is gone, rather than having simply moved to another path within your network, is foolhardy. Assuming there are numerous threats to your security measures that are coming in a dynamic and continuous fashion may seem paranoid, but just because you’re paranoid doesn’t mean ... [ Read More ]