How to engage with the C-suite on cyber risk management, part 3

The ultimate goal of metrics and controls and of the entire security organization is to lower risk to a palatable level for the business. These metrics will allow you to report risks to the business in ways that will resonate with boards. The industry often relies on numbers like 300,000 malware alerts to explain risks. These quantitative terms offer little context for the listener, but its important to tie risks to specific information assets. For KRIs to be meaningful, we need to better understand what we are to protect. We must create BusinessAs to what the company cares about.”]

Source: https://www.csoonline.com/article/3243327/how-to-engage-with-the-c-suite-on-cyber-risk-management-part-3.html

Something Fresh

Zip Codes & PII: Are They Personal Data?

ZeroNet: 51% Attack Risks & Mitigation

Zero Knowledge Voting with Trusted Server

What People Reading

Zero-Day Vulnerabilities: User Defence Guide

Feedback and data-driven updates to Googles disclosure policy

YubiKey Security: Initial Setup with Yubi Cloud

Security Insider Interview Series: John McArthur, Senior Product Manager, IP Intelligence; and Rupert Young, Senior Director Software Engineering, Data Compilation and Identity, Neustar

Certificate Security in the Wild West

Categories

Partners

Just add here your partners image or promo text