In IT security, the question of when a system is considered “compromised” is less a technical issue and more a decision based on a risk assessment. This requires careful consideration and the most accurate possible determination of the actual initial situation and therefore goes far beyond simply reading off KPIs. What needs to be done? […]