Axioms We Use In Security

A list of many of the catchphrases, axioms and maxims we like to use in cybersecurity...

I was feeling a little facetious last week and was going to post something sarcastic… but didn’t… maybe I will in the future.

Part of that post was a list of catchphrases we use in the industry. So today's post is just that: all the phrases we like to use.

Don’t see one here? Please comment, and I’ll add it.

Security is like an onion; it's about layers

Defense in depth

Compliance is not security

Security through obscurity is not security

Guardrails not gatekeepers

Security is everyone’s job

Security’s role is to adequately communicate the risk (and impact) to the business

It’s up to the business to accept or mitigate the risk

Assume compromise

We need to find the unknown unknowns

Blast radius

Defend the crown jewels

Take a holistic approach

It's not IF, it's WHEN

Security is only as good as your weakest link

Baking security in earlier will save you time and resources later

We have to “Shift Left” in security

Thanks Sean C. and Ryan F. for some of the extras! I got some good laughs.