SEARCH RESULTS
 
Showing 1-10 of 857 records
 
Expand article

What is a Wise Risk Decision Worth? or ISO 27001 KPIs Follow Up

2008-12-03 15:47:11 by Alex in RiskAnalys.is
 
So yesterday I asked readers to comment on thoughts I had that came from a question asked on the ISO 27001 Google Group How I can communicate the value of an ISO implementation to non-security management This question came to me after one of the posters on the ISO Google Group asked about KPIs for ISO implementation. Got great responses in...
 
Tags: iso, iso google, iso adoption, iso implementation, iso folks, iso adoption helps, risk, google iso compliance, iso implementation differs
 
 
 
 
Expand article

Virtually every Windows PC at risk, says Secunia

2008-12-03 05:00:00 by Editor in Computerworld Security News
 
More than 98% of computers running Windows harbor at least one unpatched application -- and nearly half contain 11 or more programs at risk from attack, according to Danish security company Secunia
 
Tags: windows harbor, risk, half, attack, programs, application, computers
 
 
 
 
Expand article

What Are You Managing Towards? (And On Disproving Risk Management)

The Article has images
2008-06-03 14:41:11 by Alex in RiskAnalys.is
First, Id like to thank Steve McCalmont for including FAIR in his excellent article in the May 2008 ISSA Journal, Streamlining the Risk Management Process. Three quick things to anyone who has read it and is visiting our blog for the first time We dont believe that the goal of Quantitative Risk Analysis is to be precise. We believe the goal is...
 
Tags: management, risk management, term risk management, management focuses, management approach, risk management process, patch management, cost management, upper management
 
 
 
 
Expand article

Wakeup Call for Risk Management

2008-09-19 10:11:09 by Burton Group in Security and Risk Management Strategies Blog
 
Blogger: Dan Blum With the crisis in financial markets still unfolding, it is important to draw what lessons we can from the experience. Since the roots of the crisis lie in a monumental failure of risk management, its important to understand more about what happened, and then draw some parallels to our business risk management and IT risk...
 
Tags: risk management, risk management debacle, risk management failure, failure, risk management realistic, business risk management, risk management models, risk, risk management situations
 
 
 
 
Expand article

Rational Risk Management, Angry Italians, and Irrational Security Analysts

2008-11-17 16:43:15 by Alex in RiskAnalys.is
 
Hope you all had a great weekend. I had meant to point you earlier to a FAIR analysis that Chris Hayes did over at his Blog . But Ive been a little busy, and before I could mention it, Stuart King put up a kind of angry response on his ComputerWorld blog. Snark aside, there are a couple of other really troubling aspects of Stuarts reaction to...
 
Tags: risk, risk tolerance, risk models, practical risk analysis, strong risk anlayses, generous risk geeks, immature risk analysis, quote chris hayes, chris hayes
 
 
 
 
Expand article

One Mans Frustrations With Risk Management

2008-09-23 18:05:20 by Alex in RiskAnalys.is
 
Chris, who is a male in Government C&A has a blog with a wonderful title: How is that Assurance Evidence Id love to have another blog even more specific - Ok, that Assurance is Evidence Of What, Exactly Today he has a great article called Whats the matter with Risk Management And in short, its everything. It pretty much sums up why I had to grow...
 
Tags: risk management, risk management methodologies, risk management approaches, risk, risk management methodology, risk management models, risk professionals focus, risk analysis, specific
 
 
 
 
Expand article

Why Risk Management Doesnt Work (?!)

2008-10-08 17:15:14 by Alex in RiskAnalys.is
 
Several folks (Hi Daniel , Brent , David !) sent email & twitters asking us our opinion on a Dark Reading article called Why Risk Management Doesnt Work which if you click on the link should come up for you after seeing someones advertisement for a few seconds Im assuming the author wants us to read the title as Things to Look Out For in...
 
Tags: risk management, information, information risk management, risk, poor risk management, information security risk, reduce risk, risk analysis, cool report
 
 
 
 
Expand article

A Cryptographer and a Data Communications Guy Talk About Risk Management

2008-10-16 15:32:16 by Alex in RiskAnalys.is
 
Sounds like the beginning of a joke, right? So these two guys walk into a bar The Bruce Schneier and Marcus Ranum have an article up on TechTarget/Information Security Magazine called, creatively enough, Bruce Schenier, Marcus Ranum debate risk management Unfortunately, to get to the article, youll have to either already be a subscriber to IT...
 
Tags: risk management, management, risk, engineer risk management, methodologies, risk assessment methodologies, risk models, risk analysts, models
 
 
 
 
Expand article

Risk Preferences in Chimpanzees and Bonobos

2008-04-17 06:20:51 by schneier in Schneier on Security
 
I've already written about prospect theory, which explains how people approach risk. People tend to be risk averse when it comes to gains, and risk seeking when it comes to losses: Evolutionarily, presumably it is a better survival strategy to -- all other things being equal, of course -- accept small gains rather than risking them for larger...
 
Tags: risk preferences, risk, relative risk preferences, risk-prone behaviour, approach, people approach risk, people, losses, risk larger losses
 
 
 
 
Expand article

Risk Management and Analysis Standards Update

2008-06-17 16:51:27 by Alex in RiskAnalys.is
 
Were kind of having a big day today. Three things are going on tha