Risk Management | Troubleshooting Linux Firewalls

As already stated, the key to any good computer security program is risk management. Nothing short of a comprehensive risk management program is going to suffice in the rapidly evolving world of computer security. New threats, vulnerabilities, counter measures, technologies, exploits, and products appear on the market everyday. Sooner or later, something will happen that your security model does not account for. Natural disasters such as fires and floods or physical theft of a laptop, and your data can be lost or in the hands of some hostile party. Without a comprehensive and holistic approach to security, you will always be playing catch up. The good news is that computer security is a subset of risk management, so our computer security problems fit nicely into a body of work that stretches back over centuries. There are even whole industries, of which you might already be aware, that cater directly to the risk market, such as insurance companies and underwriters. Risk, as we already mentioned, is a fact of life; you cannot build a perfect security model that will protect you from all possible threats. What you can do is build a good risk management model that accounts for the things you cannot control, the things you can, and how you will sort out the problems that crop up in between. Keep this in mind: It is possible to implement a risk management program that will address your worst-case scenario so that you can sleep at night. The best part is that your program only needs to be as complicated as you need it to be.