Information risk is the potential for damage to sensitive info - the crown jewels (or assets). Think of risk as a combination of asset, threat source and vulnerability.
Technical people tend to downplay assets, probably because they don't know them too well. Business people know, infra folks don't. And yet, too many biz people expect tech colleagues to take the lead in managing Info Risk. The term "IT Security" only adds to the confusion about who should be on top of the matter.
It's all about the assets.
(some of) my events
- 2019-12-12 Datakommunikation och IT-säkerhet (guest lecturing, Högskolan i Gävle)
- 2019-11-21--22 Samlingsforum 2019 (attending conference, Nyköping)
- 2019-11-05 Certifierad IT-arkitekt (guest lecturing, Stockholm)
- 2019-10-08 Riskkollegiets seniora pris (co-hosting seminar in Gothenburg)
- 2019-08-22 RISKUT 2019 (co-hosting conference, Stockholm)
2016-07-26
Subscribe to:
Posts (Atom)
last chance...
