« Rambling on about risk assessment | Main | Do you know what you don't know? »

The first rule of Information Security

KingS My first rule of Information Security has today been demonstrated to good effect to still hold true. The rule being: "If you don't check then it hasn't been done."

The somewhat related second rule of "people will tell the Security Director what they think he wants to hear" is also proving to still be very current and valid.

The fifth rule of "never trust a network diagram to show a true and full picture" is now promoted up to third place.

The problem for those who feed me incorrect information is that they clearly haven't yet learnt that I always check the detail.

It's still only Monday too!

Bookmark and Share


Posted by Stuart King on November 17, 2008 12:30 PM
| View blog reactions

TrackBack

TrackBack URL for this entry:
http://www.computerweekly.com/cgi-bin/mt/mt-tb.cgi/40652

Comments (1)

Mark Joslin:

Hi Stuart,

You probably won't remember me as I left RX a year ago, but having read through some of your articles it's good to see the same old battles are carrying on! Great blogging!

Hope you are well!

Mark

Posted by Mark Joslin | November 24, 2008 1:33 PM

Posted on November 24, 2008 13:33

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Search


About

This page contains a single entry from the blog posted on November 17, 2008 12:30 PM.

The previous post in this blog was Rambling on about risk assessment.

The next post in this blog is Do you know what you don't know?.

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]