The pull towards complexity is something that isn’t a new phenomenon. Security experts have been cautioning complexity for decades.
Bruce Schneier summed it up best in 1999 when he said, “Complexity is the Worst Enemy of Security” in an essay titled “A Plea for Simplicity.” He couldn’t have been more spot-on.
However, the easiest gateway to get through complexity is to look at security through a risk-based lens.
By assessing risk looking from the top down, you get a broader view of your security landscape. This more holistic and comprehensive view allows you to see the gaps that may be left by other approaches to security. It also becomes easier to digest as you can clearly “see” and prioritize elements security landscape in a shorter amount of time.