Even a network maintained by the most diligent security professionals will occasionally suffer from a security breakdown. A security breakdown is an incident that results in the opportunity for an information system to be compromised. The breakdown does not have to result in an actual compromise; the opportunity for compromise is an event unto itself. The three main categories of security breakdowns, in order of commonality, are technical, human, and procedure related.

Technical security breakdowns are the most common form of security breakdown. Technical security breakdowns are the result of a failing in either the security systems or the information system itself. This could be the result of a misconfigured firewall or the introduction of a new bug in the web server software. Although a good security plan will include procedures to keep externally exposed software and hardware up to date, security patches released by software and hardware vendors frequently include fixes for security problems that have been discovered in the wild. This means that any system that is exposed to a threat, whether external or internal, is a possible technical security breakdown (Whitman & Mattord, 2009).

Security breakdowns can also be caused by humans. Although these breakdowns can be mistaken for technical or procedural breakdowns, they are most frequently caused by people willfully ignoring security procedures. Some individuals may choose to ignore security procedures because those procedures require extra steps that make something more difficult to do. Other individuals are not properly educated in the appropriate security procedures and mistakes are the result. A lack of training is another kind of human-related security breakdown (Whitman & Mattord, 2009).

The final category of security breakdowns are procedural breakdowns. These breakdowns occur when procedures are not in place to handle a security-related event. In some situations, it can be said that procedural breakdowns are the most common kind of security breakdown. Those cases are mainly in situations where no security procedures are in place at all. When security procedures exist, and are routinely reviewed for relevance and accuracy, procedural breakdowns are rarely the reason for a security breakdown.

References

Whitman, M. E. & Mattord, H. J. (2009). Principles of information security (3rd ed.). Boston: Thomson Course Technology.