Laws of Security

1. RISK RECOGNITION

Recognize what can go wrong and have a plan for it.

2. YOU ARE ALWAYS BEING ATTACKED

Assume there are active threats. What do you need to protect now? What are the immediate risks?

3. NEVER TRUST INPUT

Verify the information, making sure you authenticate the source.

4. PROACTIVE DETERRENCE

Build layers and engage a threat at the outermost one. Always attack first.

5. FUNCTIONAL SECURITY

Simplify security. Know your environment and apply the fundamentals.



These laws were based on these Security Principles. It also comes down to how to communicate risk.

Original source of the laws.