Chapter 18

Security Operations

As the saying goes, “security depends 30% on technology and 70% on management.” Most important to a company’s security is the outcome. Although the plan can seem wonderful, it still needs to be inspected for its effectiveness.

As mentioned in Chapter 1, “Our World View of Security,” security is a continuous process. And the aim of security operations is to be a continuous process. A healthy company should depend on security operations to be threat free.

18.1 Make the Security Operated

How do Internet companies create their own security blueprint? Speaking from a strategic viewpoint, Aberdeen Group mentioned three phrases: find and fix, defend and defer, and secure at the source (Figure 18.1).

Figure 18.1

Get Web Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Web Security by Hanqing Wu, Liz Zhao

Security Operations

18.1 Make the Security Operated

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly