Click here for larger image.
Commentary:
Please help me pin the tail on the other donkeys re:green and red icons?
Somewhere below architecture, policy, ontology, taxonomy but above distinct methods/controls? Predicated on an existing trust, zone,domain model. Prescriptive but not restrictive. A hitch-hikers guide to data-flow security!
Can this help empower the guys on the ground to make decisions and know when to escalate something to the security team?
I kinda wanted this to be a cheat sheet for Ops/BAU engineers. Something pragmatic rather than a magic 8ball for PMs and Solution "Architects" too.
