Cut the Bushes
Updated: Feb 26
Orcus was a Roman god of death responsible for punishing people that broke their promises.
Many of the security issues I deal with are a result of people not keeping up with the things they promised to do. Organizations aren't keeping good inventory, they aren't applying patches like they said they would, they aren't following procedure when installing new software, they aren't training their users. NASA's jet propulsion lab got hacked because someone plugged in a Raspberry Pi, but didn't register it properly. As a result, it wasn't properly patched and the attackers were able to get a foothold into their network.
The solution for many, especially security vendors, is to add more fancy security tools with flashy dashboards. You can put in better locks, you can install alarms, you can put in security guards, you can install cameras and every single company selling those things will tell you that they're the solution to the problem.
My approach to security is that you need to cut your bushes and make sure that the outside of your facility is well lit. Keep up with basic hygiene and you will solve the vast majority of your security problems. That's what Orcus is about.