Risk or Threat Oriented Security: Which Path Should We Choose?
blog.securitybalance.com
Lately, I've been engaged in various discussions about what should drive our security efforts: risk or threats. It's an interesting debate, and today I want to explore it with you in a more engaging and enjoyable way. Let's start with the risk-based approach. Ideally, this is the way to go. It involves identifying the key assets and evaluating the likelihood and potential impact of negative events to them. We often refer to these key assets as the "Crown Jewels." By understanding the likelihood and impact of those bad events, we can allocate appropriate resources to protect them effectively.
Risk or Threat Oriented Security: Which Path Should We Choose?
Risk or Threat Oriented Security: Which Path…
Risk or Threat Oriented Security: Which Path Should We Choose?
Lately, I've been engaged in various discussions about what should drive our security efforts: risk or threats. It's an interesting debate, and today I want to explore it with you in a more engaging and enjoyable way. Let's start with the risk-based approach. Ideally, this is the way to go. It involves identifying the key assets and evaluating the likelihood and potential impact of negative events to them. We often refer to these key assets as the "Crown Jewels." By understanding the likelihood and impact of those bad events, we can allocate appropriate resources to protect them effectively.