I really believe that information security is about the business and we need to bring the business together, specially when doing risk management. But doing risk management together with the business is not always pretty and easy. There are two factors that can make it a real nightmare: The "pointy-haired boss factor" and the Threat Level business point of view.The pointy-haired boss factor is easy to understand if you
Why risk management doesn't always work
Why risk management doesn't always work
Why risk management doesn't always work
I really believe that information security is about the business and we need to bring the business together, specially when doing risk management. But doing risk management together with the business is not always pretty and easy. There are two factors that can make it a real nightmare: The "pointy-haired boss factor" and the Threat Level business point of view.The pointy-haired boss factor is easy to understand if you