People, Process, Technology = Security strategy
It is an old security methodology to review what is necessary in a Security Strategy: People = we know people can cause security holes, give out security secrets, or perform unknown(and known) security problems… People, Process, Technology = Security strategy