Summary: Basics of Security

Get a recap of the basic security techniques we've learned in this chapter.

Map onto security principles

Each decision made about controls and processes should be mapped to one or more of the security principles discussed in this section. If it isn’t, reconsider whether the effort will improve security or if it will result in security theater.

Complexity

An increase in complexity has a potentially adverse impact on the security of an organization’s network, systems, and software.

Maturity levels

Consider the maturity levels assigned to the security controls that are discussed. These security maturity levels are intended to serve as a guide to help determine which controls are appropriate for an organization’s information security program.

Wrap up

Bret Arsenault, Chief Information Security Officer of Microsoft, summed it up well when he said, “I firmly believe that security is a journey and not a destination. It’s also an issue that must be addressed holistically by the industry and not by a single vendor. It’s only by working closely with our partners, the security ecosystem, and governments around the world that we can ensure consumers and businesses can trust the technology they use and don’t view security as a barrier to technology adoption.”


Get hands-on with 1200+ tech skills courses.