Thursday, January 15, 2015

A note on netsec

Know your network and assets.
Gain situational awareness.
Quantify Value at Risk.
Risk is a factor of dependency.
Map transitive trust.
Zone assets and services.
Partition failure domains.
Assume compromise.
Fail well.
Maintain ability to replay traffic to high value assets.
Drill incident response.
Minimise abstraction layers.
Advocate loose coupling.