From Cryptography to Cellular Networks: A Security Awareness Guide for IT Professionals and Decision Makers
Network and System Security: What Every Organization Must Know to Survive the Modern Threat Landscape

The Expanding Attack Surface of Modern Organizations

Organizations today are linking their systems across enterprise-wide networks, virtual private networks, cloud environments, and mobile infrastructure while simultaneously increasing their exposure to customers, competitors, and adversaries on the open Internet. The security market continues to grow in direct proportion to the sophistication and frequency of attacks. Hackers are inventing new methods to compromise corporate networks at a pace that rivals the defensive innovations of the security industry itself. Wireless client devices, network intrusion prevention systems, and the relentless threat of viruses, spyware, and malware are no longer peripheral concerns — they are core infrastructure challenges that demand informed, proactive responses from security professionals at every organizational level.

This article synthesizes the foundational concepts, research insights, and practical guidance contained in the authoritative work "Network and System Security." Spanning thirteen chapters and drawing on contributions from leading experts across academia, government, and industry, the work provides a comprehensive examination of the threats, technologies, and strategies that define contemporary network and system security. The goal here is to distill those insights into a cohesive awareness resource for security practitioners, IT professionals, organizational leaders, and researchers who need to understand the full spectrum of the modern threat environment.

Building a Secure Organization: Why Most Organizations Fall Short

Any thoughtful analysis of network and system security must begin not with technology, but with the organization itself. The foundational insight is deceptively simple: security breaches cost organizations significantly — through tarnished reputations, lost business, legal fees, and regulatory penalties. Regulations such as the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), and the Sarbanes-Oxley Act impose mandatory security obligations on businesses across sectors. Yet despite these incentives and legal requirements, many organizations continue to maintain poor security mechanisms, inadequate policies, and a cultural indifference to security that makes them chronically vulnerable.

Understanding why this gap persists requires confronting a set of fundamental obstacles. Security is, by its nature, inconvenient. The more robust the security mechanisms, the more friction they introduce into the daily work of employees who simply want to be productive. Whole-disk encryption, multi-factor authentication, and strict access controls are all sound practices — but each imposes a cost in time and usability that employees and managers routinely resist. Security implementations must therefore be calibrated on a sliding scale between total security and total ease of use, positioned at the point where the level of protection matches the organization's acceptable level of risk.

A second obstacle is the persistent unsophistication of end users. Many employees who are skilled at using productivity applications believe they understand computers fully, while remaining entirely ignorant of basic security concepts. This gap is actively exploited by adversaries. Phishing campaigns, malicious email attachments, and social engineering attacks succeed not because perimeter defenses have failed, but because end users provide the keys voluntarily. The "I Love You" virus and the countless phishing campaigns that followed demonstrated conclusively that the human factor is the weakest link in any security chain.

A third obstacle is the misconception that security is primarily a hardware and software problem. Firewalls, intrusion detection systems, antivirus programs, and two-factor authentication products are essential tools — but no product or combination of products creates a secure organization by itself. Security is a process, not a product. All security tools are only as effective as the people who configure, monitor, and maintain them. Organizations that invest in security technology while neglecting security training, staffing, and culture will find that their expensive tools protect very little.

Finally, the threat landscape has matured far beyond the stereotype of the lone teenage hacker seeking bragging rights. Organized cybercrime groups now operate with hierarchical structures, defined roles, and profit-driven business models. They target organizations with vast collections of credit card numbers, intellectual property, and personal data. Any security program that fails to account for the sophistication and motivation of modern adversaries is dangerously underestimating its opposition.

Cryptography: The Mathematical Foundation of Trust

No discussion of network security is complete without a grounding in cryptography — the art and science of protecting information from unauthorized access through mathematical transformation. Cryptography serves as the bedrock upon which virtually every other security mechanism depends: encrypted communications, authenticated identities, secure transactions, and protected data all rely on cryptographic principles.

The history of cryptography stretches from ancient substitution ciphers through the mechanical complexity of the Enigma machine to the mathematical sophistication of modern algorithms. Substitution ciphers, shift ciphers, and polyalphabetic ciphers established the conceptual vocabulary of the field long before the computer age. The Vernam cipher, also known as the stream cipher, and the theoretical perfection of the one-time pad established that encryption could, in principle, be made absolutely unbreakable — provided the key is truly random, used only once, and kept entirely secret.

Modern cryptography operates at a different scale and with different constraints. The Data Encryption Standard (DES) emerged from the computer age as the first widely standardized encryption algorithm, eventually superseded by the Advanced Encryption Standard (AES), also known as Rijndael. AES remains the dominant symmetric encryption standard in use today, underpinning everything from wireless network security to disk encryption. The Rivest-Shamir-Adleman (RSA) algorithm established the paradigm of public-key cryptography, enabling two parties who have never met to establish a shared secret over an insecure channel — a capability that makes secure e-commerce possible.

The practical implications of cryptography for network security professionals are far-reaching. Every protocol that transmits sensitive data over a network — whether TLS for web traffic, SSH for remote access, or WPA2 for wireless communications — depends on sound cryptographic design. Organizations that fail to enforce encryption for data in transit and data at rest leave themselves exposed to interception, eavesdropping, and data theft at every point where information flows across a network boundary.

Preventing and Detecting System Intrusions

An intrusion is broadly defined as an unauthorized penetration of a computer in an enterprise's domain. The moment an organization establishes an active web presence, it places a target on itself. The attractiveness of that target grows in proportion to the value of what the organization holds — financial data, intellectual property, customer records, and proprietary systems all increase the "juiciness quotient" that draws sophisticated adversaries.

The tools and motives of those adversaries are diverse. Hackers, crackers, and organized cybercrime groups deploy an arsenal of techniques ranging from automated vulnerability scanners and password cracking tools to sophisticated social engineering campaigns and supply-chain attacks. Bots — automated software agents that execute attacker-controlled commands — enable attack campaigns of extraordinary scale. The symptoms of a successful intrusion are often subtle: unexpected account activity, unusual network traffic patterns, unexplained system reboots, or the mysterious appearance of unfamiliar processes.

Effective intrusion prevention begins with risk analysis — a structured process of identifying the organization's assets, evaluating the threats to those assets, assessing the likelihood and impact of successful attacks, and selecting countermeasures proportionate to the risk. Vulnerability testing, which includes both automated scanning and manual penetration testing, reveals weaknesses before adversaries discover them. Regular audits ensure that security controls remain effective as the environment changes.

The technical toolkit for intrusion prevention is broad and layered. Firewalls — whether traditional packet-filtering devices, application-layer proxies, or stateful inspection systems — establish the boundaries of network access. Intrusion prevention systems (IPS) monitor traffic in real time and actively block detected attack patterns. Application firewalls protect web-facing services from exploitation. Unified Threat Management (UTM) platforms consolidate multiple security functions into a single managed appliance.

Controlling user access through authentication, authorization, and accounting (AAA) frameworks is equally critical. Authentication verifies that users are who they claim to be — whether through passwords, tokens, biometrics, or certificates. Authorization ensures that authenticated users can access only the resources they legitimately require. Accounting logs all access events, creating the audit trail necessary for incident investigation and compliance reporting.

Guarding Against Network Intrusions: Defense in Depth

Network intrusions exploit the same pathways that legitimate network traffic uses — making them particularly difficult to detect and prevent without degrading network performance and usability. Traditional reconnaissance techniques such as port scanning, OS fingerprinting, and service enumeration allow attackers to map an organization's network before launching targeted attacks. More sophisticated adversaries combine these techniques with social engineering to manipulate insiders into providing access credentials or installing malicious software.

Malicious software — malware — represents one of the most persistent and damaging threat categories. Viruses, worms, Trojan horses, spyware, ransomware, and rootkits each operate through different mechanisms but share a common objective: to compromise the confidentiality, integrity, or availability of the target system. The web has become the primary vector for stealthy malware delivery, often through drive-by downloads that install malicious code when a user simply visits a compromised website.

Defense in depth is the strategic response to this threat environment. Rather than relying on any single security control, defense in depth deploys multiple overlapping layers of protection so that the failure of any individual layer does not result in a complete breach. Preventive measures include access control enforcement, vulnerability patching, port closure, firewall deployment, antivirus and antispyware protection, spam filtering, and honeypot deployment to attract and analyze attacker activity. Network Access Control (NAC) systems enforce security policy compliance as a condition of network access, preventing compromised or non-compliant devices from connecting to the corporate network.

Detection and monitoring are equally important components of the defense posture. Host-based monitoring tracks the activity of individual systems — file system changes, process creation, registry modifications — for signs of compromise. Traffic monitoring examines network flows for anomalous patterns that might indicate exfiltration, lateral movement, or command-and-control communication. Signature-based detection compares observed activity against known attack patterns, while behavioral anomaly detection identifies deviations from established baselines that may indicate novel attacks not yet captured by signatures. When an intrusion is detected, reactive measures including network quarantine and traffic traceback enable rapid containment and forensic investigation.

Securing Unix and Linux Systems

Unix and its derivatives — including the many distributions of Linux — form the backbone of the internet's server infrastructure. Web servers, database servers, email systems, DNS infrastructure, and cloud platforms overwhelmingly run on Unix-family operating systems. Securing these systems is therefore a foundational requirement for any organization that operates internet-facing services.

Unix was designed from the outset as a multiuser system with a basic notion of user isolation, kernel and user memory space separation, and process security. These architectural foundations give Unix security professionals a solid starting point — but they are far from sufficient in a hostile network environment. The principle of least privilege, which requires that every user and process operate with only the minimum permissions necessary for its legitimate function, must be applied consistently and rigorously across the entire system.

Securing Unix and Linux deployments requires attention at multiple levels. At the network level, unnecessary services must be disabled, open ports must be closed, and host-based firewalls must be configured to permit only legitimate traffic. At the host level, the operating system must be hardened by removing unneeded packages, enforcing strong password policies, configuring secure account management, and replacing insecure protocols — particularly Telnet, rlogin, and FTP — with cryptographically protected alternatives such as SSH. Controlling root access is among the most critical hardening steps: the ability to execute commands with superuser privileges must be tightly restricted, audited, and, where possible, delegated through role-based privilege escalation tools rather than shared root passwords.

Protecting file systems requires careful attention to directory structure, partition design, and file permission settings. Critical system directories should be mounted with appropriate flags to prevent execution or setuid operations. Regular file integrity monitoring detects unauthorized modifications to system files that might indicate a compromise. Proactive defense is completed through regular vulnerability assessment using scanning tools, preparation of incident response plans and procedures, and consideration of organizational factors such as separation of duties and the security value of unannounced access reviews.
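
The file integrity monitoring described above can be sketched as follows. This is an added example, not code from the book or from any particular tool; the directory tree, file names, and finding labels are constructed for illustration.

```python
import hashlib
import os
import stat
import tempfile


def snapshot(root):
    """Map each regular file under root to (sha256 hex digest, permission bits)."""
    state = {}
    for dirpath, _dirs, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            info = os.lstat(path)
            if not stat.S_ISREG(info.st_mode):
                continue  # symlinks, sockets and devices are out of scope here
            digest = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            rel = os.path.relpath(path, root)
            state[rel] = (digest.hexdigest(), stat.S_IMODE(info.st_mode))
    return state


def compare(baseline, current):
    """Return a sorted list of (finding, relative_path) differences."""
    findings = []
    for path in sorted(set(baseline) | set(current)):
        old, new = baseline.get(path), current.get(path)
        if old is None:
            findings.append(("added", path))
        elif new is None:
            findings.append(("removed", path))
        else:
            if old[0] != new[0]:
                findings.append(("content-changed", path))
            # A file that newly gains setuid/setgid deserves its own alert.
            gained = new[1] & ~old[1] & (stat.S_ISUID | stat.S_ISGID)
            if gained:
                findings.append(("setuid-or-setgid-gained", path))
            elif old[1] != new[1]:
                findings.append(("mode-changed", path))
    return findings


def demo():
    """Build a constructed tree, record a baseline, simulate drift, report it."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "bin"))
        login = os.path.join(root, "bin", "login")
        ls = os.path.join(root, "bin", "ls")
        motd = os.path.join(root, "motd")
        for path, data in ((login, b"login v1\n"), (ls, b"ls v1\n"), (motd, b"welcome\n")):
            with open(path, "wb") as fh:
                fh.write(data)
            os.chmod(path, 0o755)
        baseline = snapshot(root)

        with open(login, "wb") as fh:          # contents replaced
            fh.write(b"login v2 (unexpected)\n")
        os.chmod(ls, 0o4755)                   # setuid bit appears
        os.remove(motd)                        # file deleted
        with open(os.path.join(root, "bin", ".cache"), "wb") as fh:
            fh.write(b"unknown\n")             # file that was never in the baseline
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    for finding, path in demo():
        print(f"{finding:26} {path}")
```

The baseline is only trustworthy if it is stored where a compromised host cannot rewrite it, for example on a separate system or read-only media.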

Internet Security: Cryptography, Protocols, and the Threat Model

The Internet's architecture — the layered TCP/IP protocol stack that carries virtually all modern digital communications — was designed for interoperability and resilience, not security. The original designers could not have anticipated the adversarial environment in which the Internet now operates. As a result, every layer of the protocol stack presents security challenges that must be addressed through careful cryptographic design and protocol hardening.

The Dolev-Yao adversary model provides the theoretical framework for understanding these challenges. It posits that an attacker has complete control over the network: the adversary can intercept any message, read its contents, modify it, delete it, and inject new messages of their own construction. This is not a hypothetical worst case — it describes the capabilities available to any attacker positioned on the network path between communicating parties, whether through physical access, compromised routing infrastructure, or malicious wireless access points.

Against this threat model, cryptography is the primary defense. Transport Layer Security (TLS) and its predecessor SSL protect application-layer communications from eavesdropping and tampering. IPsec secures communications at the network layer, enabling encrypted virtual private networks. Cryptographic authentication protocols verify the identity of communicating parties and prevent impersonation. Digital signatures ensure the integrity and non-repudiation of transmitted data.

However, cryptographic protection is only effective when it is applied correctly, consistently, and to all sensitive communications. Partial encryption — protecting login credentials while transmitting session data in plaintext, for example — leaves organizations vulnerable to session hijacking and man-in-the-middle attacks. Certificate validation failures, weak cipher suites, and protocol downgrade attacks all represent points at which cryptographic protections can be circumvented. Security professionals must maintain ongoing vigilance over the cryptographic configurations of all network services and promptly remediate any identified weaknesses.

The Botnet Problem: Organized Cybercrime at Scale

Botnets represent one of the most significant and operationally complex threats in the modern cybersecurity landscape. A botnet is a network of compromised computers — known as bots or zombies — that are remotely controlled by an attacker called a botmaster through a command-and-control (C&C) infrastructure. Individual bots are typically personal computers or servers that have been infected with malware without the knowledge of their owners. Collectively, a botnet of tens of thousands or millions of machines constitutes an extraordinarily powerful tool for criminal activity.

Botnets are linked to the vast majority of large-scale internet crimes: spam campaigns, distributed denial-of-service (DDoS) attacks, credential theft, click fraud, spyware distribution, and ransomware delivery all commonly originate from botnet infrastructure. Running a botnet is highly profitable — a fact underscored by numerous high-profile arrests of botmasters who were generating substantial criminal revenue before being apprehended. Traditional botnets relied on centralized IRC-based C&C channels, but modern botnets increasingly use peer-to-peer protocols to eliminate single points of failure and resist takedown attempts.

Defending against botnets requires a layered approach operating at multiple levels. At the host level, bot detection involves monitoring for the behavioral indicators of infection: anomalous outbound connections, unusual CPU and memory utilization, modified hosts files, and the presence of known malicious processes. At the network level, C&C traffic detection involves analyzing network flows for the characteristic patterns of bot communication — periodic beaconing, encrypted channels to unusual destinations, and traffic volumes inconsistent with legitimate user activity. At the internet level, coordinated efforts to detect, neutralize, and sinkhole C&C servers can disrupt entire botnets, although botmasters have responded to such efforts by distributing their infrastructure and encrypting their communications.
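
One way to look for the periodic beaconing mentioned above is to measure how regular the gaps between connections on each channel are. This is an added example, not taken from the book; the flow records, the addresses (documentation ranges), and the thresholds are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev


def build_sample_flows():
    """Constructed flow records: (epoch_seconds, src_ip, dst_ip, dst_port)."""
    flows = []
    # Workstation checking in roughly every 300 s with a few seconds of drift.
    for t in (0, 302, 599, 901, 1200, 1498, 1801, 2100):
        flows.append((t, "10.0.0.23", "203.0.113.50", 443))
    # Same workstation, ordinary bursty web browsing.
    for t in (5, 9, 14, 400, 410, 1900, 1903, 2500):
        flows.append((t, "10.0.0.23", "198.51.100.7", 443))
    # Benign but perfectly periodic: time synchronisation every 64 s.
    for i in range(10):
        flows.append((i * 64, "10.0.0.40", "192.0.2.123", 123))
    # Too few observations to judge either way.
    for t in (0, 300, 600):
        flows.append((t, "10.0.0.40", "203.0.113.50", 443))
    return flows


def find_beacons(flows, min_events=6, max_jitter=0.10, allowlist=frozenset()):
    """Flag (src, dst, port) channels whose connection gaps are nearly constant.

    jitter is the coefficient of variation of the gaps (stdev / mean): human
    driven traffic is bursty (jitter near or above 1), timers are not.
    allowlist holds (dst_ip, dst_port) pairs known to be periodic and benign.
    """
    by_channel = defaultdict(list)
    for ts, src, dst, dport in flows:
        if (dst, dport) in allowlist:
            continue
        by_channel[(src, dst, dport)].append(ts)

    hits = []
    for (src, dst, dport), times in by_channel.items():
        if len(times) < min_events:
            continue  # not enough evidence to call anything periodic
        times.sort()
        gaps = [later - earlier for earlier, later in zip(times, times[1:])]
        period = mean(gaps)
        if period <= 0:
            continue  # all events share one timestamp; nothing to measure
        jitter = pstdev(gaps) / period
        if jitter <= max_jitter:
            hits.append({
                "src": src,
                "dst": dst,
                "dport": dport,
                "period_s": round(period, 1),
                "jitter": round(jitter, 3),
                "events": len(times),
            })
    return sorted(hits, key=lambda h: (h["jitter"], h["src"], h["dst"]))


if __name__ == "__main__":
    known_periodic = {("192.0.2.123", 123)}  # constructed allowlist entry
    for hit in find_beacons(build_sample_flows(), allowlist=known_periodic):
        print(hit)
```

Without the allowlist the time-sync channel is reported as well, which is why a regularity check of this kind needs a list of known periodic services before its output is useful to an analyst.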

The most challenging aspect of the botnet problem is botmaster traceback — the effort to identify and locate the human operator behind the botnet infrastructure. Botmasters protect themselves through chains of stepping-stone proxies, encrypted communications channels, and the use of open wireless access points, mobile phone networks, and public computers to further obscure their location and identity. Even partial traceback solutions have significant value: each successful botmaster arrest eliminates multiple botnets simultaneously and fundamentally alters the risk calculus for criminal operators who might otherwise view botnet operation as a low-risk, high-reward enterprise.

Intranet Security: Protecting the Internal Network

The popular image of the security perimeter as a hard outer shell protecting a soft interior has long been obsolete. Modern intranets are complex, porous environments penetrated by remote workers, mobile devices, cloud services, third-party vendor connections, and the personal devices of employees who blur the boundary between corporate and personal computing. The explosion of social networking and the resulting connectivity boom have further eroded the traditional network perimeter, leaving security professionals with the challenge of protecting an environment whose boundaries are difficult to define and impossible to enforce with traditional controls.

Internal security strategy begins with network access control — enforcing policy compliance as a condition of access to intranet resources. Every device that connects to the internal network should be validated against security requirements before it is granted access. Authentication and encryption protect the confidentiality and integrity of internal communications. Wireless network segments require particular attention, as the physical openness of the wireless medium creates opportunities for unauthorized access and eavesdropping that are not present in wired environments.

Risk and security audits provide the visibility needed to identify gaps and prioritize remediation. Regular audits of network configurations, access control lists, user account privileges, and security logs reveal the accumulated drift that occurs in any complex environment — misconfigurations, abandoned accounts, unauthorized services, and unpatched systems that collectively create the attack surface adversaries exploit. Change management disciplines ensure that modifications to network infrastructure are documented, reviewed, and tested before implementation, preventing the unintended introduction of new vulnerabilities.

Disaster recovery planning is an often-neglected dimension of intranet security. The ability to restore business operations after a security incident — ransomware, a destructive attack, or a major infrastructure failure — depends on having tested recovery procedures, maintained backup systems, and identified alternate operational sites. Organizations that plan only for prevention and detection, while neglecting recovery, will find themselves unable to respond effectively when a significant incident inevitably occurs. Physical and environmental protection — securing data centers, network equipment rooms, and telecommunications infrastructure against unauthorized physical access, power failures, and environmental hazards — rounds out the comprehensive intranet security posture.

Local Area Network Security: Architecture, Detection, and Defense

Local Area Networks (LANs) are the fundamental building blocks of enterprise network infrastructure, and their security is the foundation upon which all higher-level security controls depend. Threats to LAN security fall into two broad categories: disruptive threats that degrade or eliminate network availability, and unauthorized access threats that compromise the confidentiality or integrity of networked resources. Both categories require dedicated defensive responses integrated into the network architecture itself.

Effective LAN security begins at the design stage. Network segmentation — dividing the LAN into logical zones based on function, sensitivity, and risk level — limits the lateral movement available to an attacker who gains a foothold on any single segment. Access control lists on routers and managed switches enforce the traffic flows permitted between segments, preventing unauthorized communications. The deployment of a demilitarized zone (DMZ) between the public internet and internal network resources provides an additional buffer for publicly accessible services.

Network-Based Intrusion Detection Systems (NIDS) provide real-time visibility into traffic patterns across the LAN, detecting attack signatures and behavioral anomalies that other controls may miss. Signature-based detection identifies known attack patterns through pattern matching and stateful protocol analysis. Anomaly-based detection establishes behavioral baselines and flags deviations that may indicate novel attacks or insider threats. Protocol decode-based analysis understands the expected structure of network protocols and identifies malformed packets or protocol violations that often accompany exploitation attempts.

Firewalls remain the cornerstone of LAN perimeter defense. Packet-filtering firewalls operate at the network layer, enforcing simple rules based on source and destination addresses, protocols, and port numbers. Application-layer firewalls — proxy servers — provide deeper inspection by operating as intermediaries between clients and servers, validating application-layer protocol compliance. Stateful inspection firewalls track the state of active network connections, permitting only traffic that belongs to established, legitimate sessions. Each firewall type presents different tradeoffs between performance, security depth, and management complexity, and most enterprise environments deploy multiple types in concert.
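
The difference between packet filtering and stateful inspection shows up when a packet arrives that belongs to no session. The following is an added, simplified model, not code from the book or from any firewall product; the rule set, addresses, and packet sequence are constructed assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    direction: str      # "out" = leaving the LAN, "in" = arriving from outside
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset    # TCP flags, e.g. frozenset({"SYN"})


def packet_filter(pkt):
    """Stateless rules: every packet is judged alone on ports and flags."""
    if pkt.direction == "out" and pkt.dport == 443:
        return True
    # Common "reply traffic" rule: inbound TCP from port 443 with ACK set.
    if pkt.direction == "in" and pkt.sport == 443 and "ACK" in pkt.flags:
        return True
    return False


class StatefulFirewall:
    """Tracks sessions opened from inside; inbound must match one of them."""

    def __init__(self):
        self.sessions = set()   # (inside_ip, inside_port, outside_ip, outside_port)

    def allow(self, pkt):
        if pkt.direction == "out":
            if pkt.dport != 443:
                return False
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.flags == frozenset({"SYN"}):
                self.sessions.add(key)      # new outbound connection
                return True
            return key in self.sessions
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if key not in self.sessions:
            return False                    # no session: drop regardless of flags
        if "RST" in pkt.flags:
            self.sessions.discard(key)      # simplified teardown on reset
        return True


def run_demo():
    """Return one (packet_filter, stateful) verdict pair per constructed packet."""
    f = frozenset
    traffic = [
        Packet("out", "10.0.0.5", 50000, "198.51.100.10", 443, f({"SYN"})),
        Packet("in", "198.51.100.10", 443, "10.0.0.5", 50000, f({"SYN", "ACK"})),
        # Arrives from port 443 with ACK set, but no inside host ever opened it.
        Packet("in", "203.0.113.9", 443, "10.0.0.8", 3389, f({"ACK"})),
        Packet("in", "198.51.100.10", 443, "10.0.0.5", 50000, f({"RST", "ACK"})),
        # Same 4-tuple as the real session, but after it was reset.
        Packet("in", "198.51.100.10", 443, "10.0.0.5", 50000, f({"ACK"})),
    ]
    stateful = StatefulFirewall()
    return [(packet_filter(p), stateful.allow(p)) for p in traffic]


if __name__ == "__main__":
    for static_ok, stateful_ok in run_demo():
        print(f"packet filter: {static_ok!s:5}  stateful: {stateful_ok}")
```

The stateless rules accept all five packets, while the connection table rejects the two that match no live session.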

Wireless Network Security: Protecting Communications Without Wires

Wireless networks present a fundamentally different security challenge from wired infrastructure: the transmission medium is physically accessible to anyone within radio range, making passive eavesdropping possible without any physical access to network equipment. The security protocols that protect wireless communications have evolved dramatically in response to discovered vulnerabilities, and understanding that evolution is essential for any organization that relies on wireless connectivity.

The original Wired Equivalent Privacy (WEP) protocol, intended to provide wireless security comparable to that of a wired network, was found to contain fundamental cryptographic weaknesses that made it effectively breakable within minutes using freely available tools. WEP has been deprecated and must not be used in any production environment. Its successor, Wi-Fi Protected Access (WPA), addressed some of WEP's weaknesses but introduced others. WPA2, which implements the full IEEE 802.11i standard and uses AES-based encryption, represents the current minimum standard for enterprise wireless security. The more recent WPA3 standard provides additional protections against offline dictionary attacks and strengthens forward secrecy.

Wireless ad hoc networks and wireless sensor networks present distinct security challenges. Without a fixed infrastructure to enforce access control and authentication, securing communications in these environments requires cryptographic protocols designed specifically for resource-constrained devices operating in untrusted environments. The SPINS (Security Protocols for Sensor Networks) framework and secure routing protocols such as SEAD, Ariadne, ARAN, and SLSP address the specific threats of route manipulation, denial of service, and node compromise that are particularly acute in sensor and mesh network deployments. Key establishment and management — ensuring that communicating nodes share authenticated cryptographic keys without relying on centralized infrastructure — is among the most technically challenging problems in wireless network security.

Cellular Network Security: The Most Vulnerable Mass-Communication Infrastructure

Cellular networks have evolved from voice-only telephone systems into high-speed multimedia communication platforms that carry financial transactions, emergency communications, and life-critical services. Yet despite these advances, the security architecture of cellular networks has remained remarkably outdated relative to the sensitivity and criticality of the services they carry. Cellular networks were originally designed for performance rather than security, inheriting their architecture from the public switched telephone network (PSTN) without the benefit of security-by-design principles.

The result is a network that is, by current standards, highly vulnerable. Using simple off-the-shelf equipment, a motivated adversary can cause major network outages affecting millions of subscribers. The cellular network's reliance on internet connectivity and PSTN interconnection creates multiple gateway points through which attacks can be introduced. Network dependencies — relationships between network elements that cause errors to propagate from one location to another through normal network activity — create opportunities for cascading attacks that can produce widespread disruption from a single point of compromise.

A comprehensive attack taxonomy for cellular networks identifies three dimensions of vulnerability: attacks targeting the radio access network, attacks targeting the core network, and attacks exploiting the security implications of internet and PSTN connectivity. Each dimension encompasses a distinct set of attack vectors and requires dedicated defensive measures. Vulnerability assessment toolkits designed specifically for cellular environments provide the systematic analysis needed to identify and prioritize remediation of the most critical weaknesses.

The security implications of internet connectivity deserve particular emphasis. As cellular networks increasingly integrate with internet infrastructure to support data services and internet-based applications, the attack surface expands dramatically. Internet users gain direct access to cellular network vulnerabilities from anywhere in the world, without the physical proximity that earlier cellular attacks required. Addressing this threat requires securing the gateways between the internet and the cellular core network, implementing end-to-end security mechanisms such as EndSec that protect signaling messages from source to destination, and reducing the number of service nodes involved in each subscriber interaction to minimize the points at which adversaries can introduce attacks.

Radio Frequency Identification Security: Protecting the Internet of Things' Foundation

Radio Frequency Identification (RFID) technology annotates and tracks physical objects through embedded electronic tags that communicate wirelessly with RFID readers. Applications span an enormous range: inventory management, supply chain tracking, access control, payment systems, pharmaceutical tracking, and logistics operations all rely on RFID infrastructure. The broad deployment of RFID systems has introduced a new category of security challenges that must be addressed at the protocol, system, and organizational level.

An RFID system consists of three components: RFID tags that carry data about tagged objects, RFID readers that communicate with tags to retrieve or update that data, and back-end databases that store and process the information collected from the field. Security vulnerabilities exist at each of these components and in the communications between them. RFID tags used in high-security applications can be protected using symmetric-key cryptography, where the tag and reader share a pre-established secret key used to authenticate communications and encrypt sensitive data. Public-key cryptography provides an alternative for environments where pre-shared key distribution is impractical, enabling authentication without prior key establishment.

The challenges facing RFID security are numerous and consequential. Counterfeiting attacks involve creating fraudulent tags that impersonate legitimate ones, enabling the introduction of counterfeit goods into authenticated supply chains or unauthorized access to controlled areas. Sniffing attacks involve passively monitoring RFID communications to capture tag data without authorization. Tracking attacks exploit the unique identifiers emitted by RFID tags to monitor the location and movement of tagged objects — or the individuals carrying them — without consent. Denial of service attacks overwhelm RFID readers with spurious signals, preventing legitimate tag reads and disrupting operations. Organizations deploying RFID systems must evaluate all of these threat vectors and implement the cryptographic and procedural controls needed to mitigate them effectively.
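
The symmetric-key tag authentication described above, and the way it answers counterfeiting and sniffing, can be illustrated with a challenge-response exchange. This is an added example, not from the book; HMAC-SHA256 stands in for whatever lightweight primitive a real tag would implement, and the class names, tag identifier, and keys are constructed.

```python
import hashlib
import hmac
import secrets


class Tag:
    """A tag holding a pre-shared secret key (constructed model)."""

    def __init__(self, tag_id: bytes, key: bytes):
        self.tag_id = tag_id
        self._key = key

    def respond(self, nonce: bytes) -> bytes:
        # The key never leaves the tag; only a MAC over the fresh nonce does.
        return hmac.new(self._key, nonce + self.tag_id, hashlib.sha256).digest()


class Reader:
    """A reader backed by a key database, issuing single-use challenges."""

    def __init__(self, key_db):
        self._key_db = dict(key_db)
        self._pending = {}          # tag_id -> outstanding nonce

    def challenge(self, tag_id: bytes) -> bytes:
        nonce = secrets.token_bytes(16)     # fixed length, unpredictable
        self._pending[tag_id] = nonce
        return nonce

    def verify(self, tag_id: bytes, response: bytes) -> bool:
        nonce = self._pending.pop(tag_id, None)   # each nonce is usable once
        key = self._key_db.get(tag_id)
        if nonce is None or key is None:
            return False
        expected = hmac.new(key, nonce + tag_id, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def demo():
    """Run four reads and return whether each one authenticated."""
    key = secrets.token_bytes(32)                  # constructed per-tag secret
    tag_id = b"TAG-0001"                           # constructed identifier
    reader = Reader({tag_id: key})
    genuine = Tag(tag_id, key)
    clone = Tag(tag_id, secrets.token_bytes(32))   # copied ID, key unknown

    results = {}

    nonce = reader.challenge(tag_id)
    recorded = genuine.respond(nonce)              # what a passive listener sees
    results["genuine"] = reader.verify(tag_id, recorded)

    reader.challenge(tag_id)                       # a new read gets a new nonce
    results["replayed"] = reader.verify(tag_id, recorded)

    nonce = reader.challenge(tag_id)
    results["counterfeit"] = reader.verify(tag_id, clone.respond(nonce))

    # A response presented when no challenge is outstanding is rejected too.
    results["unsolicited"] = reader.verify(tag_id, recorded)
    return results


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:12} accepted={accepted}")
```

This exchange addresses counterfeiting and replay of sniffed responses only; the tag still sends a fixed identifier, so the tracking threat described above needs separate measures.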

The Security Policy Framework: Governance as a Force Multiplier

Across all of the technical domains examined in this article, a consistent theme emerges: technical controls are necessary but insufficient without the governance framework that directs, coordinates, and sustains them. Security policies define the organization's security requirements, assign responsibilities for meeting them, and establish the standards against which compliance is measured. A comprehensive security policy framework encompasses acceptable use policies, access control policies, incident response procedures, change management standards, and business continuity plans.

Security policies must be developed through a process that engages all relevant stakeholders — not imposed by the IT department in isolation. Policies that users and managers do not understand or do not believe are reasonable will not be followed, regardless of the disciplinary consequences specified for violations. Effective policies balance security requirements against operational practicality, clearly explain the rationale for their requirements, and are reviewed and updated regularly as the threat environment and organizational circumstances change.

Security awareness training transforms the workforce from the organization's greatest vulnerability into its first line of defense. Users who understand the mechanics of phishing, social engineering, and malware delivery are significantly less likely to fall victim to these techniques. Organizations that invest in ongoing, practical security awareness training — rather than annual compliance checkbox exercises — measurably reduce the frequency and severity of security incidents attributable to human factors.

Conclusion: Security as an Ongoing Discipline

The breadth and depth of the network and system security domain — spanning cryptographic foundations, operating system hardening, network architecture, threat intelligence, wireless protocols, cellular infrastructure, and emerging technologies like RFID — reflects the complexity of the environment that modern security professionals must defend. No single technology, no single control, and no single point-in-time assessment can provide sustained security in a threat landscape that continuously evolves.

What does provide sustained security is a disciplined, systematic, and organizationally embedded approach to security that combines technical rigor with human awareness, risk-based prioritization with defense-in-depth layering, and proactive vulnerability management with tested incident response capability. Organizations that treat security as an ongoing operational discipline — not a project with a completion date or a compliance checkbox with an annual renewal — are the organizations that are best positioned to detect, resist, and recover from the attacks that are an inevitable feature of operating in the connected world.

The knowledge contained in foundational works like "Network and System Security" remains as relevant as when it was first assembled: the fundamental principles of cryptography, access control, defense in depth, and security governance do not expire with each new threat actor or each new vulnerability disclosure. They endure because they address the permanent structural challenges of protecting valuable information in an adversarial environment — and that challenge will not be resolved by any single technology or regulatory mandate. It will be met, organization by organization, through the sustained commitment of informed and capable security professionals.

Written by Khalil Shreateh, Cybersecurity Researcher & Social Media Expert. Official website: khalil-shreateh.com
