By Mike Gentile
Wed | Jul 24, 2013 | 9:08 AM PDT

This series will explore 5 tips to build a sustainable, repeatable & effective C+ security effort: one that can pass security audits and comply with regulations while still maintaining a strong dose of practicality. Time to go from F to C+, baby!

Tip #4: Being Repeatable and Consistent is the Life Blood of the C+ Student

The good thing about being a C+ student in security is that you will probably be much more effective at getting stuff done, as well as cost-effective at doing it, both in implementation cost and in impact on the business. The problem with this approach, though, is that you do not have much room for failure when you make mistakes. With an A+ approach, a couple of mistakes will still leave you with a B. With a C+ approach, a couple of mistakes and you are in the land of D, or "not compliant" in regulation speak. Obviously, this is going to lead to problems.

So the key when taking a more average approach is to make sure that you implement systems that, though average in implementation, are an A+ in terms of quality and repeatability. For example, you may be building an economy car instead of a luxury one, but make sure it is a Toyota instead of a Yugo in terms of quality.

As always, please provide your feedback to Mike.Gentile@delphiis.com or @delphiisCTO on Twitter; I always read them.

Read Part 1: http://www.secureworldexpo.com/building-c-security-effort-%E2%80%93-5-tips-achieve-what-your-execs-want-your-business-needs-making-security

Read Part 2: http://www.secureworldexpo.com/building-c-security-effort-%E2%80%93-5-tips-achieve-what-your-execs-want-your-business-needs-you-only-need

Read Part 3: http://www.secureworldexpo.com/building-c-security-effort-5-tips-achieve-what-your-execs-want-your-business-needs-do-not-only

Read Part 4: http://www.secureworldexpo.com/building-c-security-effort-5-tips-achieve-what-your-execs-want-your-business-needs-don%E2%80%99t-ask-just

Tags: CISO / CSO