Since this article came from WiReD... the magazine still trying to serve "nerds" and that the normies buy/read to be hip... ;-) rethink "thinking" I would say?
Nah... in this one they weren't off so far, I guess. To me it's never a question of if you get hit by a hack or a breach but rather when and with which impact your struck.
You can take preventive measures, which reduce the likeliness of an impact, sure.
Scaling OpSec/Infosec has to fit into you sheer $ numbers too. How much security is enough? Most people would tend to say you can never have enough security. ... which is wrong!
The truth and the right answer is "just enough".
But "just enough" often leads to misjudgement under economic pressure. Adjusting risk management and InfoSec in an operation is therefore usually an cyclic process to react to things like that.
Since this article came from WiReD... the magazine still trying to serve "nerds" and that the normies buy/read to be hip... ;-) rethink "thinking" I would say?
Nah... in this one they weren't off so far, I guess. To me it's never a question of if you get hit by a hack or a breach but rather when and with which impact your struck.
You can take preventive measures, which reduce the likeliness of an impact, sure.
Scaling OpSec/Infosec has to fit into you sheer $ numbers too. How much security is enough? Most people would tend to say you can never have enough security. ... which is wrong!
The truth and the right answer is "just enough".
But "just enough" often leads to misjudgement under economic pressure. Adjusting risk management and InfoSec in an operation is therefore usually an cyclic process to react to things like that.
Fact: Often attackers are just ahead of the pack.