Cloud & Telecom Security

Another way of thinking about it, specifically that if you want security then you must control the future, if you want to control the future then you must be able to draw conclusions from what you know, if you want to draw conclusions then the basis for those conclusions must be reproducible, and if you want reproducible bases you have to have a measurement regime.

- Dan Geer

- Good enough is good enough.
- Good enough always beats perfect.
- The really hard part is determining what is good enough.

- by Ravi Sandhu

You can download the whole paper here.