In Infosec, there are risks (what could happen) and incidents (what has happened).
We deal with risks proactively by asking questions. Identify, describe, quantify and so on. We treat the risks, hopefully avoid them.
Incidents call for a reactive posture. How can we recover?
A mature organization prefers to be proactive as opposed to reactive. One way is to interconnect the two approaches. Analyze your incident history so that recurring issues can be addressed. Don't forget that rear mirror.
Read more about distinguishing between risk and issue at The Innovation of Risk.
(some of) my events
- 2019-04-09--11 Operativ informationssäkerhet (teaching course, Stockholm)
- 2019-03-06--08 Strategisk informationssäkerhet (teaching course, Stockholm)
- 2019-01-29 Certifierad informationssäkerhetsarkitekt, del 1 (co-teaching course, Stockholm)
- 2018-12-13 Datakommunikation och IT-säkerhet (guest lecturing, Högskolan i Gävle)
- 2018-12-05--07 Teknisk informationssäkerhet (teaching course, Stockholm)