The fun part of any Enterprise Security Risk Management (ESRM) program is starting with some interesting “what if” questions.
The move to Enterprise Security Risk Management, or ESRM, is a significant journey for organizations looking to reap the benefits of a risk-based, business focused approach to securing assets across the enterprise.
As I begin another year in the security industry, I’m hopeful that during 2017 we see our profession focus on Enterprise Risk Management, and that we begin the journey to identifying ourselves more closely as enterprise risk professionals.
The recent attacks on the Domain Name Service (DNS) hosted by Dynamic Network Services Inc. (Dyn) demonstrates a principle of risk management that we sometimes neglect to factor during our internal risk assessments — the impacts we may face from business partners or technology providers that cannot service our needs.
We recently relocated to the West Coast for work, to enjoy the lifestyle living by the ocean brings, and focus on new challenges for my employer.
I gave a presentation to a number of graduate students at a recent conference, and was struck by how energetic and engaging the students were.
As an organization matures its risk management program, opportunities arise to identify controls that satisfy a number of similarly themed risks.
There are a plethora of articles written about the risks we’ll face in 2016.
Privacy Vs. AnonymityPrivacy and anonymity are different things entirely. Privacy means the exchanged information is not visible to people outside the conversation but the parties to the conversation are known or can be identified. Anonymity means that at least one party to the conversation is unknown and cannot be identified. Your network connection should be set-up to provide privacy and facilitate anonymity.
Your best defence is concealing your entire intelligence operation and especially its computer networks.
Most Popular Stories
Security Canada Atlantic 2017
September 13, 2017
ASIS Chapter 190 Fall 2017 Golf Tournament
September 14, 2017
(ISC)2 Security Congress
September 25-27, 2017
ASIS International Seminar and Exhibits 2017
September 25-28, 2017
Focus On Drones
October 4, 2017
Security Canada Central
October 18-19, 2017