Layer8
sponsored by Information Security Magazine
|
|
 |
| Posted: |
14 Feb 2008 |
| Published: |
01 Feb 2008 |
| Format: |
HTML
|
| Length: |
4
Page(s) |
| Type: |
Journal Article |
| Language: |
English |
 |
 |
|
ABSTRACT:
Risk management is a process-oriented method, choosing decision models that work with the available information. In today's world of sophisticated malware and ubiquitous connectivity, this means ensuring all systems have some baseline of protection. It also means identifying information that is especially critical to meeting business goals, including regulatory compliance, and finding cost-effective ways to exceed the baseline level of systems protection. For many companies, data leaking from inside is finally being recognized as the type of information risk that most needs addressing. A growing number of organizations are finding that risk management techniques, usually qualitative ones, are not only an effective way to determine priorities, but naturally lead to a closer relationship with the business. New technology continues to bring new exposures, and both regulatory and contractual requirements continue to increase, sometimes in incompatible ways. As life continues to get more complex, we have to grow correspondingly complex in our efforts to reduce losses. If we don't want to be marginalized, we have to communicate in a language that resonates with the business. The business managers don't speak security; they speak risk.
|
 |
AUTHOR:
Jay G. Heiser
|
|
|
|
BROWSE RELATED RESOURCES:
Information Security | Risk Management |
|
View All Resources
sponsored by Information Security Magazine |
 |
|
|
|
Cramsession Research Library Copyright © 1998-2008 Bitpipe, Inc. All Rights Reserved. Designated trademarks and brands are the property of their respective owners. TechTarget · 117 Kendrick St · Needham, MA · 02494
Use of this web site constitutes acceptance of the Bitpipe Terms and Conditions and Privacy Policy. cramsession@bitpipe.com
|
