There are common practices and mistakes made by board members (and exec support staff) that leave businesses at significant risk of security breaches.
Do you know where data is, what data is with whom and what they are doing with it? This is a post originally published on LinkedIn and prompted by a Business Value […]
More grist to the risk quantification mill, by Maritza Santillan for Tripwire State of Security Blog.
Ponemon Institute and SafeNet Research Reveals that IT is Losing the Battle on Security in the Cloud
Oct. 29, 2014 A majority of IT organizations are kept in the dark when it comes to protecting corporate data in the cloud, putting confidential and sensitive information at risk. This is just […]
Ramblings on risk starting with John Pescatore and ending with comments from FAIR risk framework creator Jack Jones. This is a direct transcription of a discussion about risk management on LinkedIn started […]
There is no such thing as Information Security risk. There are just business risks that have one or more security or IT related causes.
My answer to the August expert panel question for Information Security Buzz: In your opinion, what are 3 key elements to succeed in a positive security culture and what tips can you provide to implement change
It’s fun to be reminded how vulnerable the web can be, but if it’s as ropy as reported, will your cloud supplier be there when you need them?…