Wednesday, December 31, 2008

Occam's razor & TSCM

Occam's razor - a 14th Century principle which states that the explanation of any phenomenon should make as few assumptions as possible. Good advice.

These days Occam's razor is often - incorrectly - paraphrased as, "All things being equal, the simplest solution is the best." Wrong, because a simple phenomenon - like information loss - may be complex in structure.

Occam's razor is more correctly interpreted as, "Simplify. Consider just the essential and relevant elements. Exclude assumptions."

This is the basis of Murray Associates' security consulting philosophy.

1. Most information losses are caused by people - insiders, not spies.

2. Some information losses are caused by poor security - unlocked desks, not picked locks.

3. A few information losses (the worst, and the easiest to discover) are technical - bugs in rooms, not laser beams bounced off windows.

Practical prioritization...

1. Before you accuse people, eliminate the eavesdropping possibility.

2. While doing this, conduct an information security audit.

Upon completion, pinpointing problem people and bolstering defenses is easy.

It pays to think before acting; plan before spending money. Let's plan.