Fixing the #1 Problem in Computer Security: A Data-Driven Defense

A Data-Driven Computer Security Defense - Executive SummaryMany companies do not appropriately align computer security defenses with the threats that pose the greatest risk to their environment. The growing number of ever-evolving threats has made it more difficult for organiza

 
 
 
 
 
5 Star
(7)
7,996 times
Add to favorites
Security
3/21/2017
E-mail Twitter del.icio.us Digg Facebook
Sign in to ask a question


  • Link not avaible
    1 Posts | Last post February 13, 2016
    • Hi Roger,
      
      on page 24 of Data-Driven Computer Security Defense Whitepaper 1.4, you introduced the "Microsoft Threat Modeling Tool"  with the following URL: http://blogs.microsoft.com/cybertrust/2014/04/15/introducing-microsoft-threat-modeling-tool-2014/
      
      Unfortunately, the blog page can't be access due to a redirection issue. Of course you can find the tool by searching the web, but I would be glade if this error could be fixed in the document.
      
      Kind regards!
      
      LäszLo
  • Perspective for higher education
    2 Posts | Last post December 03, 2015
    • I'm wondering if you have any thoughts about how this would apply to say higher education? For example, I may know that our “left flank” is being attacked, but the required openness of a education environment may impede/prevent taking the same action that a company could.
    • I feel for anyone defending an educational facility. I know the additional challenges. I would say to concentrate on your "crown jewel" resources versus trying to protect everything and apply DDD to those things. Collect the information and share with those in charge of making decisions. If you make the problems visible and they don't address them, at least you've done your best and the responsibility for not responding appropriately isn't on your shoulders. Educational facilities, even more than most, have to focus a lot on "assume breach" defenses, as well.