Security is a Process

Security is not something that comes out of a box and it is not easy to get right.

Security has little to do with locks and keys

The challenge comes when we look at the details.

Sometimes a security process will fail. This is a mathematical certainty. There is no such thing as perfect security.

The real question is what threats exist in a particular context and how long do they need to be deterred?

Good security is a known compromise.