In a recent article written by David Lacey and posted on his IT Security blog, the cyber-attack against Lockheed Martin is addressed in a way to show that this incident contains valuable lessons for ever one to heed.

To achieve this purpose, Mr. Lacey discusses the following key principles to remember when dealing with the potential, if not real, threats of cyber-attack:


  1. If you have secrets big enough to protect then you need more than one level of strong protection to do so.
  2. Don’t do what everyone else does.
  3. Try to be imaginative.
  4. If there is any suspicion that your authorization system might have been compromised, then address it immediately.
  5. Think about having a catastrophe plan for major failures with massive business impact.

The final thought Mr. Lacey derives from his “lessons to learn” approach is stated as, “You can’t manage security today with industrial age tools such as quality management systems.”

While this article uncovers some old and new, as well as some obvious and some controversial conclusions to consider about cyber-attacks – it is a good addition to bring to the many disaster preparedness and business continuity meetings held by IT information security specialist trying to build an effective and lasting defense against such threats of security breach.

Click here to read this article and learn the reasoning behind Mr. Lacey’s key principles stated above ….

Photo courtesy of

Pin It on Pinterest