Abstract

Orthodoxy can be both beneficial and destructive. Without a certain amount of orthodoxy in defining security practices and terminology, for example, it would be impossible to develop useful standards. However, orthodoxy should never be an end in itself. Security professionals should be judged according to the effectiveness of their recommendations and actions, not by the number of individuals that quote from their catechism. And yet despite the valuable efforts of a number of professional associations and practitioners to develop a common body of knowledge for information security, I believe that we are inexorably moving toward a world in which circumstances are almost as important as standards and definitions. Such an existential approach to security does not imply an intellectual free-for-all; it means being pragmatic, responsive to individual situations, but in a disciplined and internally consistent manner.
