Security is risk management

• There is no such thing as 100% secure

  • Must make tradeoffs
  • Should be business decisions

• All sound Software Engineering principles apply when building software

  • Document! Assumptions, deployed solutions, etc.

• Seek independent, objective, expert analysis

Previous slide

Next slide

Back to first slide

View graphic version