One of the things I saw recently was a clip from the 2017 Royal Ascot race where a horse called Growl somehow unseated his jockey in the starting gate, yet he ended up running the whole race solo. It’s kind of an amusing story, and one that shows the power of constant training, repetition and […]
Playing well with the good little ERM children
Two of the potentially challenging things about doing information and cyber security risk assessments are being able to easily leverage any existing risk assessments done by other areas of the organization and being able to integrate the risk assessments we do with the existing risk ratings already being compiled and aggregated by the ERM team—assuming […]
Man vs. machine: where are you going to put your faith?
Yada, yada, yada…AI…big data…security tools…ever increasing threats…AI for good and evil…keeping ahead of the bad guys…yada, yada, yada. That’s a pretty good summary of the security “news” I get in my inbox most days, but on this particular day, I was told that “advanced, AI-based security tools are the only way to plan your defense […]
“Good math” vs. “bad math” in risk assessments
A long time ago, I heard someone say: “Lottery tickets are a tax for people who are bad at math.” Which is pretty accurate. Have I ever bought one? Well, yeah—but as a conscious choice in a game of “Wow, wouldn’t it be really funny if I won $18 gazillion,” rather than, “I can’t pay […]
Should we really “always look on the bright side” of risk?
There’s a pretty big divide between “risk managers” and people who actually take risks about the whole “risk and opportunity management” vibe at the heart of ISO 31000 and everything related to it—including SABSA. We spend time in the Foundation course talking about you need to have a balanced view of risk, and without taking […]
- 1
- 2
- 3
- …
- 19
- Next Page »
