The weakest link revisited [information security]

摘要

It is a common saying that a chain is only as strong as its weakest link-a phrase information security officers, IT managers, consultants, researchers, journalists, and opinion makers reiterate ad nauseam when referring to an organization's information security posture. Most in the information security community would agree that a security architecture is only as strong as its weakest link. However, they usually cannot agree on what that is, and no expert risks making a definite statement about it. We can argue that a security strategy's weakest component will vary from one organization to in other but perhaps we should compare past perceptions of what a weakest link is to what it could well be in the near future.