Earlier this year after a session I gave at a conference, an attendee who was new to information security, and had just been assigned this responsibility at a mid-sized organization in the healthcare industry, asked if he could visit with me for a while about risk management. Well, of course! During the course of our conversation I learned that he had gotten some very bad advice about risk management in general, and risk assessments in particular. I know from reading various comments throughout the social media discussion sites that bad advice is becoming far too common, with many (more…)
Posts Tagged ‘SIMBUS’
Risk Management is more than a Risk Assessment
Tuesday, November 4th, 20146 Actions Businesses Should Take During Cyber Security Awareness Month
Tuesday, October 21st, 2014October is National Cyber Security Awareness Month. It would seem the breaches announced virtually every day of this month so far were orchestrated to highlight the need for organizations to beef up their information security efforts and improve their controls.
Sadly instead, cyber incidents seem to have become de rigueur these days. Consumers are getting fed up, and government agencies are proposing more laws. The tide is turning, and soon organizations will be held accountable for more effectively protecting their systems and information, or they will likely face much steeper fines and penalties than ever before. So, now’s the time to take action! Here are six actions you to take this month to start improving your organization’s information security program and associated efforts. (more…)