This is a counterpoint to the Network World article “Why risk management fails in IT” Richard Stiennon, chief research analyst at IT-Harvest, says IT security is becoming more sophisticated. Technology is addressing the “find the needle in the stack of needles” problem and identify where important data is flowing out of or into the organization and where it ends up. Identification of assets is achievable and assigning a business value to the business can be determined, he says. IT security doesn’t have the number-crunching abilities of financial risk modeling or broad history of market data.”]
Source: https://www.csoonline.com/article/2132396/why-risk-management-can-succeed-in-it.html