In the world of information security, the ability to actually implement something and bring ideas to fruition, is commendable. In A Data-Driven Computer Security Defense: THE Computer Security Defense You Should Be Using (ISBN 978-1549836534), author Roger A. Grimes take his decades of experience and give the reader excellent advice on how they can secure their networks and do just that.
As the title implies, the data-driven approach to information security moves the line of defense from the network to the data layer. It, to a degree, complements, but is not as complex as the notion of zero trust networks.
Grimes writes that one of the main problems that will exacerbate ineffective security at a firm is when they do not properly align computer security defenses with the actual threats and risks they face. The book attempts to create a new framework that firms can use to more efficiently allocate defensive resources against the most likely threats that they will face.
The benefits to this approach are impressive, in that firms can respond to threats in a timelier manner, create metrics that provide real information (as opposed to meaningless self-referential metrics), better threat intelligence, and more.
The book notes that a data-driven computer security defense is not necessarily one of hardware and software; rather it’s an approach to information security that uses a firm’s own data to understand specifics threats and risks.
In order to do information security right, every firm needs to ensure that they are capturing the right data, and they have enough evidence to base security decisions off that data. The next step is to prioritize the threats based on that evidence.
A Data-Driven Computer Security Defense is a great resource for those looking to slow down and escape the information security hamster wheel of pain and start a program to truly deal with information security.