October 19, 2018
by Mike Davis, alliantgroup Chief Information Security Officer
Published in SIIA
Any cyber risk posture really does depend on your environment and business. The way to minimize the fog of cyber security complexity is to quantify it for your company, ideally based on risk value. We all know that cyber risk is in the “eyes of the beholder” (CISO versus C-Suite versus Board) and finding a common vernacular therein – like risk.
Short answer; use a Risk Based Security Strategy (RBSS). One that focuses on cyber hygiene, access management, encryption and monitoring (along with an effective third party/vendor risk management effort). Risk is a combination of threat, vulnerability, likelihood and impact/consequences along with asset values. Next, we provide the rationale and ‘cyber story’ that goes with that RBSS assertion.
Cyber security is a wide capability area with complex technical and business interactions, […]