I shamelessly decided to reuse and extend her mind-map style diagram from a system security centric view into something more generic and operational on IT security.

Then, I came with this first version of the diagram:

A the moment it is probably quite incomplete and incoherent on some aspects, but I am quite satisfied of the shape it is taking. I will certainly update it quite often, as soon as I think about something new.

I find it convenient as a memo summarizing goals, steps and tools to achieve security. It may also help clarifying some points during a presentation.

Feel free to use it (as long as you keep the credit to this website). I am waiting for your comments and suggestions on how to improve it.