Armed with knowledge of real world adversarial tactics, I believe in focusing security assessments on finding critical architectural and procedural gaps, then establishing a holistic, multi-stakeholder, get well plan to securely enable business operations.