Risky Business (Part 2): Why You Need a Risk Treatment Plan
- by nlqip
Now hear this: You will always have exposure.
No company has the ability to mitigate all risks at all times. No company I’ve ever visited has even had all of its identified risks treated at any given point.
Yet so many companies lead their security strategy with controls. They’ll make sizable investments in security appliances without fully understanding why the appliance is required. They’ll implement their controls without documentation of what the actual risks are and how they’re being treated.
Read the full article published January 11, 2018 here: http://www.securityweek.com/risky-business-part-2-why-you-need-risk-treatment-plan by Security Week.
Source link
lol
Now hear this: You will always have exposure. No company has the ability to mitigate all risks at all times. No company I’ve ever visited has even had all of its identified risks treated at any given point. Yet so many companies lead their security strategy with controls. They’ll make sizable investments in security appliances…
Recent Posts
- Microsoft Edge will flag extensions causing performance issues
- Sophos CEO On How EDR Vendors, Microsoft Are ‘Rethinking’ Security After CrowdStrike Outage
- This Windows PowerShell Phish Has Scary Potential – Krebs on Security
- Unexplained ‘Noise Storms’ flood the Internet, puzzle experts
- Tor says it’s “still safe” amid reports of police deanonymizing users