Information security mistakes are costly, damaging and all too prevalent. Given the obvious repercussions of poor security, one is inclined to believe change agents are in place; however, organizations continue to make seemingly avoidable mistakes when it comes to information and application security. This is due to misconceptions and common mistakes that are repeated.
This article introduces five common information security mistakes that organizations make and concludes with recommendations and best practices for building and maintaining a successful information security practice and avoiding these mistakes. These mistakes include:
- Over-relying on Network Defenses
- Believing the Hype of Technology/Tools
- Making Too Many “People” Assumptions
- Assuming Secure Software is Costly
- Falling into the “Recency” Trap