A long time ago, I heard someone say: “Lottery tickets are a tax for people who are bad at math.” Which is pretty accurate. Have I ever bought one? Well, yeah—but as a conscious choice in a game of “Wow, wouldn’t it be really funny if I won $18 gazillion,” rather than, “I can’t pay […]
The key to demonstrating security value
One of the toughest challenges we face as security professionals is proving the value of what we do. I mean, so many people have the attitude that basically, “We get paid when nothing happens.” And, to a point, that is true. If we’re doing our jobs correctly, then things will go smoothly. However, things going […]
Should we really “always look on the bright side” of risk?
There’s a pretty big divide between “risk managers” and people who actually take risks about the whole “risk and opportunity management” vibe at the heart of ISO 31000 and everything related to it—including SABSA. We spend time in the Foundation course talking about you need to have a balanced view of risk, and without taking […]
Risk assessments: not my job
It always kinda surprises me when I meet a new security team, or even a new security professional, who balks at the notion that risk assessment is a core part of what they do. In some cases, this attitude is institutionalized as team dynamics, so that if the designated “risk team” gets even the slightest […]
Hare we go: arguing the shape of the risk-assessment world
When I was a kid, twern’t no Netflix or even DVDs. If you wanted to watch something, you had 4 stations on the TV (ABC, CBS, NBC and PBS) or you could go to the cinema. I even remember when they built the first multiplex in Mattoon: it had 3 screens all under one roof. […]
- « Previous Page
- 1
- …
- 6
- 7
- 8
- 9
- 10
- …
- 59
- Next Page »