Security team objectives

William Herrin bill at
Tue Jul 31 18:37:10 UTC 2018

On Mon, Jul 30, 2018 at 12:43 AM, Ramy Hashish <ramy.ihashish at> wrote:
> If you are going to start a security team in a newly founded IT
> organization, what will the objectives/results be?

Hi Ramy,

Sounds like you're putting the cart before the horse. Understand your
security objectives first. That will determine the nature of the
security team or indeed, if there should be a specific security team
at all or some other security structure.

Some common security objectives include:

* Compliance with customer and vendor requirements

* Loss prevention

* Avoidance of legal liability for system compromise

* Avoidance of brand damage due to system compromise

* Operations continuity

Bill Herrin

William Herrin ................ herrin at  bill at
Dirtside Systems ......... Web: <>

More information about the NANOG mailing list