Information security has undergone a profound transformation and paradigm shift in the past decade. Unfortunately, many organizations and security professionals have not transformed with it. Perimeter-based security is an important part of a comprehensive defensive strategy, but is ineffective by itself. An optimal defensive strategy begins with a comprehensive security policy based on thorough risk analysis including identification of critical information assets and attack tree modeling. Our objective is to establish mitigation strategies commensurate with the level of risk – no more or less. The mitigation strategy is then implemented at the tactical level through integrated and layered security infrastructure, practices, and procedures.
Identity, Credential, and Access Management (ICAM)
