Security is not about adding value – Security is about protecting your ability to add value

Flask Data provides a one-stop cloud subscription for EDC, data management and statistics.

People sometimes ask me what I do (my Dad, who is 85, reads my blog so he knows already).  If it’s a neighbor, I’ll say – “I work in computers”, if it’s an IT person – I might say – “I work in information security” and if it’s a security colleague – I will say “I help you and your boss prevent information theft and abuse at a price you can both afford”.

This sort of begs the question – What is security?

When I do a threat analysis at a client – I look at assets, threats, vulnerabilities and security countermeasures. There are all kinds of assets – information, technology, physical, employee, customer, financial, operational and reputational.

I don’t feel obligated to draw the line on the type of asset the business must protect since attackers don’t stop to ask themselves the job title of the guards at the gate.

I think that the semantic differences in the job titles are unimportant if the security analyst is willing and capable of  thinking in terms of the business and in terms of money.

  • Assets are worth money.
  • Assets have vulnerabilities – the probability of occurrence can be measured.
  • Threats exploit vulnerabilities and cause money damage to the asset. How much damage they cause, can also be measured (remember – measurement is an act of estimation and approximation – there is no such thing as an exact measurement)
  • Security countermeasures mitigate the vulnerabilities and cost money

This is the essence of the Practical Threat Analysis methodology.

Related Posts Plugin for WordPress, Blogger...

Flask Data is a technology company with a strong people focus. We are a diverse group of computer scientists and clinical operations specialists based in Israel, the US and India. We are accomplished at providing our customers with the most effective way to achieve high quality clinical data and assure patient safety. There is no single solution that works for every clinical trial. We work hard to understand your unique situation. We work with your team to develop the best solution to achieve high quality clinical data and assure patient safety the same day you engage with patients.

Flask Data – same data data and safety solutions for clinical trials.

Contact us to learn more

Tell your friends and colleagues about us. Thanks!
Share this

Leave a Reply