Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log
tightroped.jpg

Risk →

August 05, 2015 by Marc Handelman in All is Information, Information Security, Risk, Risk Transfer

via Robert Graham's well-crafted Errata Security blog, comes this insightful piece on a fundamental lack of expertise in the Information Security racket.

To wit, the inability of information security professionals to quantify risk successfully, and communicate the results to the apropos stakeholders - an activity crucial to providing the fodder necessary to formulate decisions regarding risk avoidance, transfer, mitigation, or acceptance. Something insurance companies have been accomplishing regularly (with a certain level of acceptable success) for centuries....

Todays' Must Read, and a Hat Tip to PhoneBoy.

August 05, 2015 /Marc Handelman
All is Information, Information Security, Risk, Risk Transfer
  • Newer
  • Older