One Article Review
| Source |  NoticeBored |
|---|---|
| Identifiant | 4813037 |
| Date de publication | 2022-05-26 14:13:08 (vue: 2022-05-26 03:06:12) |
| Titre | Iterative scientific infosec |
| Texte |  Here's a simple, generic way to manage virtually anything, particularly complex and dynamic things: Think of something to do Try itWatch what happensDiscover and learnIdentify potential improvementsGOTO 1It's a naive programmer's version of Deming's plan-do-check-act cycle - an iterative approach to continuous improvement that has proven very successful in various fields over several decades. Notice that it is rational, systematic and repeatable.Here's a similar grossly-simplified outline of the classical experimental method that has proven equally successful over several centuries of scientific endeavour:Consider available informationPropose a testable hypothesisTest it (design and run experiments)Watch what happensDiscover and learnGOTO 1Either way, I'm a committed fan. The iterative approach with incremental improvements, works well. I approve.Along the way, aside from pushing back the frontiers of science and technology and achieving remarkable advances for human society, we've also learned about the drawbacks and flaws in the processes, and we've developed assorted mechanisms to reduce the risks and increase our chances of success e.g.: Key to 'improving' or 'advancing' is to be able to recognise and ideally measure the improvement or advance - in most cases anyway. Improvements or advances that happen purely by chance ('discoveries') are welcome but rare treats. A big issue in quality assurance is the recognition that there are usually several competing and sometimes contradictory requirements/expectations, not least the definition of 'quality'. For certain customers, a rusty old heap of a car discovered in a barn is just as much the 'quality vehicle' as a Rolls Royce to its customers. Likewise, security improvements depend on one's persp |
| Envoyé | Oui |
| Condensat | here quite 1either 1it 27001 ability able about absent absolutely access accordingly achieve achieved achieving acknowledging across act actually adjusting adjustments adoption advance advances advancing adverse afford after again airline all allow along already also although among and/or angle another answer anticipated antivirus any anything anyway applications appreciated approach appropriate appropriately approve are area argument arising around aside aside: assets associated assorted assurance audits availability available back barn because been before begging being benefit benefits best big blend blind blog board breaking bright broader business but came can can/should cannot car care cases centuries certain chance chances changed changes changes: check checking clarify classical clear climbing cloud collaborating committed common commonly community competing complex confidentiality conscious consider considered context contingency continue continuity continuous contradictory contributed control controls controls: conventional corporate corresponding could/should course crucually current customers cycle damage date decades decides decision deeper define definition deming depend dependent deploying depth described design designing detection detective developed did didn digging disclosure discover discovered discoveries discovering doesn don done drawbacks due duly dynamic easy efforts employed employees encouraged end endeavour:consider enforced ensure equally especially estimated etc evaluate evaluated even ever example examples existing experiment experimental experiments exploitable exploitation exposing extent facilitate facilitated fact factor fail failed failure falls fan far field fields figuring finite flaws form forms from frontiers future gain general generally generic giants give given going governance grossly grown hackers hadn hand happen happens happensdiscover hard has have headway heap help hence here higher highly hmmmmmmm hopefully how however human hypothesistest ideally identified identify immature impacts implementation/change implementations implemented important improve improvement improvements improvementsgoto improves improving in: incident incidents including increase incremental individuals industry information informationpropose infosec initiatives innovation instance integral integrity intelligent intended internal introduce involve involved involves isms iso/iec issue issues iterative its itself itwatch just justified key know know: knowing knowledge lack large layers learn learned learngoto learnidentify learning least legitimate less likely likewise little lives loose lot made major make making manage managed management managers manner mature may maybe means measure measures measuring mechanisms mentioned method metrics microscope might minor mitigated mitigating monitoring more morning most move much multiple myriad naive nature need new new/changed not notably notice noticeable objective objectives occurring often old omission once one ones ongoing only open opportunity order organisation organisations originally other others ought out outline over overlaid papers part particularly passsword patching paucity peer perhaps periodic perspective pick piece plan planning plus point policies policy post potential potentially powers predict preferably principles probabilities probability probably problem process processes programmer progress project projects protect protecting proven provided purely pushing putting quality questions rare rather rational reaching reactive really reasonably reasons recognise recognition recovery redouble reduce reducing registers regression regular relating relation reliable remains remarkable repeatable reported require required required/suggested requirements/expectations requires resilience resources responses responsibilities responsible result reviews revolves right risk risks risky rolls royce run rusty said say science scientific security seems seen seldom selecting selectively selfishly sense serious several sharing should sho |
| Tags | Patching |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.