Security x Policy – What is the difference between them?

On my perspective I see information security similar (not equal) to policy.

Working in information security during 10 years of my life I always faced new malware, new infection, created procedures, script to fix something or to prevent something and always appear new malwares, infection, someone by passing procedures and then, you need to figure out or fight with this risk but why?

Those guys do this to personal benefit they create a new threat to get a kind of benefit (money or reputation) and then I try to eliminate all possibilities to prevent the company lose your money with simple breach.

A DoS attack or a simple SQL Injection is known to years but guess, they still working.

Now looking to scenario in my country I can say that “Policy” occur the same thing due bad people that want by pass the rules or simply stolen without guilt and how is fighting against those people?

I don’t know yet, do you know? Tell me your opinion.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s