Managing Your Security Risk
Have you heard the Steve Martin quote “Be so good they can’t ignore you”? The outcome of following this advice is typically positive for society. Unfortunately, our cyber adversaries have also tackled this quest and through rapid advancements, ultimately pose a greater and more constant threat to business and consumers alike, a threat which can’t be ignored.
Risk Management Process.
Personable. Strategic. Timely.
There are four approaches to dealing with risk:
- Reduce or Mitigate
Implement controls and countermeasures
- Assign or Transfer
For example, insurance (assignment) and outsourcing (transfer).
What is your risk tolerance/appetite? Management evaluates the risk and determines whether to accept the risk and the related consequences of not implementing controls.
- Reject or Ignore
The first step is acknowledging that the 4th risk management “option”, is not an option at all (not to mention potentially negligent), and to realize that with some effort, we can develop legitimate risk models that take into account what a breach would cost, quantify risk based on market data, evaluate qualitative factors, and leverage the results to make informed business decisions.
Reading this is a step in the right direction. Continue your quest to conquer risk management and contact us today!