Fortune Cookie Security Advice – May 2009

first_imgEveryone wants information security to be easy.  Wouldn’t it be nice if it were simple enough to fit snugly inside a fortune cookie?  Well, although I don’t try to promote such foolish nonsense, I do on occasion pass on readily digestible nuggets to reinforce security principles and get people thinking how security applies to their environment.Common SenseI think the key to fortune cookie advice is ‘common sense’ in the context of security.  It must be simple, succinct, and make sense to everyone, while conveying important security aspects.Fortune Cookie advice for May:Fear and anxiety will lead to poor risk analysis conclusionsStay focused on the available facts, use a dose of reality to fill in the gaps, and trust reliable risk models to generate analytical conclusions.Excerpt from the /javascript:;: In our world of information security, we must take a step back from the limitations and biases we possess and stay true to proper forms of analysis in order to see the truth.  It is far too easy for us to slip backwards and inaccurately measure risk of situations we don’t understand.  Let’s continue to remind each other of this fact and challenge risk assessments, especially in situations where concern is more prevalent than fact.So am I contributing to the problem of over simplifying security? Or am I reaching out to those who might not take an inordinate amount of time necessary to understand the complexities and nuances of our industry? You decide and feel free to share your knowledge-nuggets./javascript:;/javascript:;/javascript:;/javascript:;/javascript:;/javascript:;last_img

Leave a Reply

Your email address will not be published. Required fields are marked *