CHAPTER 10: PROCESS DESIGN
‘Designing-out the potential for human error leading to cybersecurity breaches, is the optimal approach to tackling the problem. If the opportunity for human error does not exist (think of automated rather than user-installed security software upgrades), then it will not occur.’Cyber Security Knowledge Transfer Network28
Security is essentially about managing certain categories of operational risk, typically referred to as ‘CIA’ – Confidentiality, Integrity and Availability.
Standards, such as ISO27001, provide best-practice guidance in designing, setting up, operating, and improving institutions and procedures, based on risk management principles. These are known as Information Security Management Systems.
However, ...
Get Security: The Human Factor now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
