Simple Checklists

The landscape of cyber security solutions is filled with:

  • Holy Grails and

  • Failures

We are all human. So for severe problems like mitigating cyber security risks we fall in love with so-called ‘Holy Grail’ products. The capabilities of these products are described in vague and difficult marketing buzzwords, which makes them perfect for managers who lack a solid technical background. Of course you have to trust the vendor, since these too-good-to-be-true products are never F/OSS products. This is of course to hide the fact that magic solutions do not exist. And security by obscurity is a bad security principle.

Failed security products are doomed when deployed. These products are characterised by:

  • a complex setup

  • a proprietary solution and

  • complex mandatory maintenance and update processes.

Too often these products introduce extra risks instead of mitigating them. Deploying these products can be compared with deliberately installing a large backdoor in your trusted environment.

Checklists help with improving all security management aspects like:

  • Developing and improving security architectures and designs.

  • Communication, e.g. after a security incident.

  • Evaluating the quality of solutions.

Collection of Security Checklists