Tying It All Together
As daunting as each of the tasks in this chapter might seem, the most important thing to remember is that efforts must be started to address them in unison. For example, protecting your perimeter won't help with internal intruders when your systems aren't secured. By the same token, even if your systems are secured, it will be hard to defend yourself from distributed denial of service attacks when your network security is in shambles. Finally, even if you have most of the technology problems under wraps, this won't stop your users from making damaging security blunders.
Overwhelmed yet? Don't be. Rare are the organizations that have managed to get on top of all of these issues, which is precisely why defense in-depth strategies are so popular; they help reduce single points of security failure. By building your security strategy around many of these foundational concepts, you can create tiers of protection. Your organization's overall security strength will ultimately depend on how many of these efforts get off the ground, and how successful each of them becomes.
This book can help you with many of the areas you'll need to address. Use it to help identify what you want to protect. Use it to learn about various information security technologies, and how they can make your life easier. Use it to learn about operating system security, network security, and application security. Use it to gain a holistic view of the information security landscape, and learn how to leverage this knowledge in today's technological age.