Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

Securosis' Firestarter, 'Old School and False Analogies' →

February 18, 2018 by Marc Handelman in Education, Information Security, Common Sense, Cyberthis Cyberthat, Cybersecurity Economics, Risk Management, Risk Transfer
February 18, 2018 /Marc Handelman
Education, Information Security, Common Sense, Cyberthis Cyberthat, Cybersecurity Economics, Risk Management, Risk Transfer
tightroped.jpg

Risk →

August 05, 2015 by Marc Handelman in All is Information, Information Security, Risk, Risk Transfer

via Robert Graham's well-crafted Errata Security blog, comes this insightful piece on a fundamental lack of expertise in the Information Security racket.

To wit, the inability of information security professionals to quantify risk successfully, and communicate the results to the apropos stakeholders - an activity crucial to providing the fodder necessary to formulate decisions regarding risk avoidance, transfer, mitigation, or acceptance. Something insurance companies have been accomplishing regularly (with a certain level of acceptable success) for centuries....

Todays' Must Read, and a Hat Tip to PhoneBoy.

August 05, 2015 /Marc Handelman
All is Information, Information Security, Risk, Risk Transfer