Cybersecurity expert: How do you protect your company from once-in-100-year hacker storms without wasting time and resources? IT often hurts its own cause by painting generalized worst-case scenarios. IT should not make the ultimate risk decisions, he says, but it’s up to senior management to determine risk thresholds. Not all assets in a high-risk area should receive the same level of protection. The best companies identify their “crown jewels” and give them all due protection.”]
Source: https://www.csoonline.com/article/2615824/which-assets-get-more-security–make-management-decide.html