"Why do people always talk about the initial entry point of breaches. We need to talk more about the importance of [X]."
You know, it's funny. There's a lot of truth in that, of course, But over the past few years I've come to learn there is some logic to focusing on entry.
The logic being this: if an org has major, continuing problems implementing perimeter security-the first and most obvious place that security is needed--well, it's unlikely it's going to do other security & maintenance things elsewhere much better.
In fact, usually the converse.
In theory, you could have an org that consistently has a swiss-cheese perimeter but is absolutely brilliant at internal network segmentation and has killer detection & response operations.

In reality.... my guess is that such orgs are decidedly uncommon. Maybe outright rare.
Systemic organizational issues (poor resourcing, poor leadership support, etc.) tend to have systemic effects.
In my experience, if there's a little rot at the perimeter there's probably a lot more inside.
You can follow @arekfurt.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
There are a lot of misconceptions about the Turkish diaspora in Germany. Since i just finished writing an essay about this topic I thought it's time to give other people
Read more
Las mejores calculadoras online en 2020A thread http://totumat.com/2020/11/26/las-mejores-calculadoras-online-en-2020/ Cuando se estudian asignaturas que requieren de cálculos complicados, nada mejor que contar con una buena calculadora.
Read more
Mitigating #ClimateChange is as much about taking up new techs as about leaving others behindMost studies focus on #coal's global downfall but another #energy tech decline is loomingRead my new
Read more