The 14 Absolute Truths of Security

Many security professionals like to say that there are no absolutes in security. But there are! There are at least fourteen absolute truths of security. Facts about security that remain true regardless of circumstance, network topology, organizational type, or any other variable.

Recognizing these absolute truths and how they affect a security program can lead to the success of that program. Failing to recognize these truths will spell almost certain doom. In this 60 minute talk we will take a non-technical look at each of the fourteen absolute truths in turn, examine what they mean to the security manager, what they mean to the security posture, and how understanding them will lead to a successful security program.

This talk focuses primarily on the managerial aspect of a successful security program. The talk presents information that is vital to understand for any manager who has responsibility for security. It also helps security technicians understand the non-technical aspects of security that effect their daily lives. You will see security principles presented in completely new and different ways. You will learn to think of security from a perspective that you may not have thought of security in the past.

Keith Palmgren
Keith Palmgren is a cybersecurity professional with over 35 years of experience specializing in the IT Security field. He is a SANS Senior Instructor and the author of SEC301: Introduction to Cyber Security. Keith also runs a successful security consulting practice, working with corporate leadership and security staff to help lower their organization's risk. Keith has taught over 25,000 students and authored 22 courses, seven of which the American Council on Education certified as eligible for college credit. Not only does he make sure students are grounded with the importance of fundamentals, but he shows them the evolution of cybersecurity; an evolution that he was part of.
Be the first to comment