https://www.yourcyberpath.com/105/

In this episode, we are returning to the Security Design Principles series, this time with Work Factor.

Work factor refers to how much work it’s going to take an adversary to attack your assets and succeed in doing so. This is coming directly from the world of physical security that was imported into the cybersecurity realm.

What you need to understand is you don’t need perfect security. You don’t have to create an impregnable system (if that even existed) to be able to protect yourself from most dangers. You just need to become a more difficult target than other organizations. And this is where work factor comes in.

While you need to make it difficult for attackers to consider you as a target, you also need to make sure you are not spending too much time and money doing so, to the point where you are building a $1000 fence to protect a $100 horse. Balancing security and business value is a critical aspect when planning out your security posture.

Another important aspect that a lot of people usually ignore is the anticipated resources available to the attacker. Understanding how your adversary works and what kind of resources they might be able to utilize can help you determine how much protection you need to put in.

What You’ll Learn

●    What is Work Factor?

●    Do you need perfect security?

●     How do you value how much protection you need?

●     What kind of attacks endanger small to mid-sized businesses?

Relevant Websites For This Episode

●    Your Cyber Path 

●   IRRESISTIBLE: How to Land Your Dream Cybersecurity Position

●  The Cyber Risk Management Podcast

Other Relevant Episodes

●   Episode 103 - SDP 4: Compromise Recording

●   Episode 98 - SDP 2: Psychological Acceptability

●   Episode 101 - SDP 3: Economy of Mechanism

Ver todos los episodios