ABSTRACT

AUTHOR: A. Guarino

MEETING: 65th Meeting of IFIP Working Group 10.4 on Dependable Computing and Fault Tolerance

VENUE: Sorrento, Italy (January 23-27, 2014)

TITLE: The fault of defaults - don't let anyone else make your security choices

Successful cyber protection of an organization requires thorough attention in selecting the brand/models
of the building blocks of its security system, but while you get them in place, you must be able to set-up
a dynamic, context-aware process for evaluating, choosing, and applying the right rules and the corresponding
exceptions. Failing to do this will leave you trapped in the false comfort zone of the "default"
(sometimes referred as "recommended") set of rules/actions. Are you sure that something written to be good for
the most is really good enough for you?