Compound Security Strategy (CSS)
Using the socratic method « knowledge is inside you », we will make this course not as a outpouring of knowledge but a process of queries and inquiries that lead to answers through the power of imagination and intuition. Think and grow wise thus unquoting Napoeleon HILL.
Any effective CSS must have these very three interrelated elements :DedicationEach person much show a certin amount of dedication to the good of the company to abide by laws and regulations pertaining to securitySense of belonging or ownershipThe more people who have the ownership of an entity or have the sense of belonging for an entity( stock options, shares, bonds…) , the more people will be willing to sacrifice to make the entity move aheadMotivationThe more people are motivated (reward, award, sanctions) to dedicate their skills , time and energy for an entity the more the entity will move safely forward in security or adversely move backward.1. ManagementThere is a need to have a management that has the necessary attention and quality to work for the good of the company, to make room, to abide fully and be fully aware of the necessary security measures that must be implemented and ensure that those measures are duly implemented without fear or favor.2. Rank and fileThe must be a set of policies and procedures to help each and every staffer of the entity to get promoted, to be given responsibility within the system and be acknowledged in whatever steps taken to make the company better and more secure.The must be a culture of healthy competition for the advancement of the entity. And steps must be taken to empower whoever want to make the entity better.3. StructureDue measures and actions should be taken regarding the safety and security of the building sheltering and safeguarding the other assets of the entity. Due procedures must be followed in having multiple security access points and to prevent the single point of failure threat ( building (hot site, cold site warm site) hvac system.4. Data (back ups system(full, incremental, differential, copy )) the back up must follow the criteria of best method , available technology , qualitative technology and best cost and quality ratio.5. ControlThere is a need of a certain amount of control that allows creativity6. Think tankEverybody should be encouraged to have disruptive creative thinking7. Training (initial, ongoing ,differential, creative)There is a need for continuous and constant training of the company staff at all levels to keep up with the security current standards. The training is scheduled based on ( availability quality and cost of training called for)(minimum IT, communication, management, kaizen skills required for the rank and files, Basic social engineering phishing, Basic smartphones, pc, ipad, iphone usage, CCTV, HVAC )8. Work and life balanceNever work the work that is not neededNever live the life that is not worth Glabrio glass9. Self –awarenessWhat is self awareness ? That is the question.