"Why do people always talk about the initial entry point of breaches. We need to talk more about the importance of [X]."
You know, it& #39;s funny. There& #39;s a lot of truth in that, of course, But over the past few years I& #39;ve come to learn there is some logic to focusing on entry.
                    
                                    
                    You know, it& #39;s funny. There& #39;s a lot of truth in that, of course, But over the past few years I& #39;ve come to learn there is some logic to focusing on entry.
                        
                        
                        The logic being this: if an org has major, continuing problems implementing perimeter security-the first and most obvious place that security is needed--well, it& #39;s unlikely it& #39;s going to do other security & maintenance things elsewhere much better.
In fact, usually the converse.
                    
                                    
                    In fact, usually the converse.
                        
                        
                        In theory, you could have an org that consistently has a swiss-cheese perimeter but is absolutely brilliant at internal network segmentation and has killer detection & response operations.
In reality.... my guess is that such orgs are decidedly uncommon. Maybe outright rare.
                    
                                    
                    
                    
                
                In reality.... my guess is that such orgs are decidedly uncommon. Maybe outright rare.
 
                         Read on Twitter
Read on Twitter 
                                     
                                    