Security Triangle+ People Process Technology+

As other blog posts have mentioned  in the past:

Schneier: https://www.schneier.com/blog/archives/2013/01/people_process.html

http://www.computerweekly.com/blogs/david_lacey/2013/01/we_need_more_use_of_security_t.html

Here is the “Security Triangle” People, Process, and Technology.

social-intranet-toby-ward

Image from:

http://www.business2community.com/online-communities/social-intranets-merging-people-process-and-technology-0126252

 

Even though the image above is for social media, I like it because it shows the number of items in People that must be behind your new security push. “Security People” is also the same – employees, Executives, and managers.

Process  is different for Security, and has to do with the types of compliance that your organization has to fulfill , but similar items are in “Security Process”

 

As some of the older blog posts mention the only thing that can improve in an exponential manner is with technology.

 

So that is why I say we need Technology+ we need to use the Technology piece of the triangle as much as possible.

So how can we make things work in the technology piece? We need to use Intrusion Prevention Systems better than the previous firewalls you may have.

http://oversitesentry.com/if-a-firewall-is-useless-what-to-do/

 

 

The biggest problem in my opinion is that we have to get executives to understand “FULLY” about cybersecurity.  Here is my attempt:

 

We all know Cyber Security is needed, but how to effectively increase capabilities?

Security consists of People, Process, and Technology.

Technology is what you have to have (Intrusion Prevention, Firewalls, Anti-Virus and more) and it must be as good as you can make it within your budget.  (Technology+)

A well written Security policy for employees and other users (including guests or patrons) will help quite a bit.

People need clear instructions and direction and that is what the security policy is for.

With clear direction and instruction people (who some say are the weakest link) can make themselves more secure.

 

Contact me to discuss this

Advertisements

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.