Some argue that risk is a useless paradigm when a breach has occurred. It is happening, probability 100%, why theorize further?
To me, this analysis is surprisingly shallow.
Being under attack is not a binary thing, it is not about an enterprise losing its virginity once and for all. Sure, we must deal urgently with the current incident. But there's a host of potential events awaiting tomorrow which need to be foreseen and prevented.
Today's incident enlightens us in assessing current risk.
(some of) my events
- 2021-09-21--23 Northern European Emergency and Disaster Studies (presenting at conference, Östersund)
- 2020-12-11 Datakommunikation och IT-säkerhet (guest lecturing, Högskolan i Gävle)
- 2020-10-22 Certifierad IT-arkitekt (guest lecturing, Stockholm)
- 2020-10-21--23 Samtidskonstdagarna (attending conference)
- 2020-09-22 RISKUT 2020 (co-hosting conference)
No comments:
Post a comment