« Implementing Attribute Based Access Control to Reduce Attack Surface | Main | The year the security dog caught the car »



Agree wholeheartedly!

I often tell people: "if we solve 40% of the iceberg by fixing some basic technical or process stuff, that's 40% we don't have to worry about again". Whittle away at the iceberg.. Seems obvious, but it's not presented that way often.

David Mortman

As Ken van Wyck and Mark Graff like to point out, it's all about "good enough" security, not perfect security...

The comments to this entry are closed.