Since the Rainbow Series, MIL-STD-1785, and the IATF we learned as security pioneers in the public sectors that both static and dynamic elements of life cycle were required. But those who came after us in the private sectors were not mentored, trained, or apprenticed made assumptions that all requirements can be answered with just a static response or process outside of the life cycle. The revolution happened before just not heard with the lessons learned from the Rainbow Series, MIL-STD-1785, or the IATF v3.1.
Excellent post
Since the Rainbow Series, MIL-STD-1785, and the IATF we learned as security pioneers in the public sectors that both static and dynamic elements of life cycle were required. But those who came after us in the private sectors were not mentored, trained, or apprenticed made assumptions that all requirements can be answered with just a static response or process outside of the life cycle. The revolution happened before just not heard with the lessons learned from the Rainbow Series, MIL-STD-1785, or the IATF v3.1.