CostasKSometimes the difficult bit in #cybersecurity is arguing against the need to implement control.
#threatmodeling helps to portray the situation, but there is almost always a lot of "defence in depth" and "you never know" that makes people err on the side of implementing every single control, everywhere.
#threatmodeling helps to portray the situation, but there is almost always a lot of "defence in depth" and "you never know" that makes people err on the side of implementing every single control, everywhere.