Cyber Pop: Holistic Security

Join Cybrary

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATION
Already a Member Login Here

< Back to Blog Posts

Cyber Pop: Holistic Security

Published: August 21, 2017 | By: Olivia | Views: 1708
save

It is no surprise that as our global reach extends and information is shared across the world, security risks are increasing with the expansion of the attack surface. For this reason, security professionals can no longer take a siloed approach to security. The problem stems from reactions to one threat while the rest of the organization is ignored, leaving those areas vulnerable.

What is holistic security?

Holistic security is an approach based on systems thinking that considers “how any security system’s constituent parts interrelate and work within the context of larger systems.” It applies to anything that requires security, including people.

Perhaps said best by Pinkerton, holistic security is “ Looking at your company’s security as a whole, with many parts that affect others, means that you can anticipate issues that could arise when one system deteriorates, even if temporarily, and how that will affect the other systems that depend on it.”

For security to be considered holistic, it must meet a few requirements, such as the security measures must be applied together, across surfaces, demanding that systems and devices are compatible and interoperable.

The method includes the risk wheel, in which organizational security is divided into hazard and event risk, operational and physical risk, technology and informational risk, and market and economical risk.

According to TechTarget, who emphasizes the human element, says, “All employees should be encouraged to provide feedback and suggestions and identify any security holes they detect. Security policies and procedures must be clearly understood by all personnel and those who will be working with the security system should have input to its implementation.”

Why use a holistic approach to security?

At its’ core, holistic security aims for continuous protection across all attack surfaces including the physical layer, software, hardware, and perhaps most importantly, the human attack surface. With this approach, you should seek to see an organization as a complex and interconnected system, whereby your security acts to integrate every aspect.

Holistic security helps provide a closer look at your security program and can even change the way an organization looks at security.

How do I learn enterprise security, incident response, and risk management?

As a natural progression in a security career, practitioners tend to move towards areas such as incident response and risk management, both of which are covered by the CompTIA CASP exam. The CASP focuses on managing risk in the enterprise, conducting vulnerability assessments and analyzing network security concepts and components. Obtaining your CompTIA CASP certification signifies that you possess the ability to provide the best cyber security solutions and protection for organizations worldwide.

Not to mention CompTIA Advanced Security Practitioner meets the ISO 17024 standard and is approved by U.S. Department of Defense to fulfill Directive 8570.01-M requirements. It is compliant with government regulations under the Federal Information Security Management Act (FISMA).

olivia2

Olivia Lynch (@Cybrary_Olivia) is the Marketing Manager at Cybrary. Like many of you, she is just getting her toes wet in the infosec field and is working to make cyber security news more interesting. A firm believer that the pen is mightier than the sword, Olivia considers corny puns and an honest voice essential to any worthwhile blog.

 

< Back to Blog Posts
Enjoy this blog post? Want more Cybytes?
Invite a Friend
and share now
Facebook Twitter Google+ LinkedIn Email
Join Cybrary
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel