- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
Pockets of Chaos: Management Theory for the Process of Computer Security
- Abstract
- The security process is often described as being layered. Some layers are designed to protect, some to detect and others offer fail-safes. The most secure systems are the ones built with security in mind from the ground up. However, more often than not, we are forced to address security as an afterthought. This paper discusses Computer Security as an ongoing journey, not simply a destination and outlines a flexible security framework that manages "pockets of chaos" to better help organizations achieve their security goals.