Some argue that risk is a useless paradigm when a breach has occurred. It is happening, probability 100%, why theorize further?
To me, this analysis is surprisingly shallow.
Being under attack is not a binary thing, it is not about an enterprise losing its virginity once and for all. Sure, we must deal urgently with the current incident. But there's a host of potential events awaiting tomorrow which need to be foreseen and prevented.
Today's incident enlightens us in assessing current risk.
(some of) my events
- 2019-05-15--17 Teknisk informationssäkerhet (teaching course, Stockholm)
- 2019-04-09--11 Operativ informationssäkerhet (teaching course, Stockholm)
- 2018-03-26 Beyond the Static InfoRisk Assessment (presenting at Åre Risk Event)
- 2019-03-06--08 Strategisk informationssäkerhet (teaching course, Stockholm)
- 2019-02-07 Säkerhetsarkitektur - ingenjörskonst eller hantverk? (hosting seminar in Falun)
last chance...
No comments:
Post a Comment