Risky Business: IT Security Risk Management Demystified – Full publication
- Published on Tuesday, 14 August 2012 15:36
- Written by Mike McClain, Web Editor
As a career security practitioner and Chief Security Officer to several companies over the years, my significant responsibility to the organization I am responsible for is simply to reduce or eliminate threat exposures to its core business assets. Depending on the nature of that business and its size, this might be a daunting task at first blush, however, I have discovered that with an organized, systematic approach, you can approach risk management effectively. Risk simply put is the negative impact to business assets by the exercise of vulnerabilities to those assets, considering both the probability of that event as the Single Loss Expectancy (SLE) and the resulting impact of the occurrence, otherwise known as the Annualized Loss Expectancy (ALE) both terms of which I will define more in depth shortly.
To read the article, please click here: