CISO Perspective - Evaluating and Communicating Information Risk

Authors

  • Russ Pierce
  • Phil Venables
  • Kavitha Venkita
  • Eric Johnson
Abstract

While security professionals have long talked about risk, moving an organization from a “security” mindset to one that thoughtfully considers information risk is a challenge. Managing information risk means building risk analysis into every business decision. In this panel, we will discuss how CISOs are working to move the conversation from security towards information risk. In particular, we will address questions about risk categorization, communication, and measurement such as:

Similar resources

Clarifying the Roles of Information Security: 13 Questions the CEO, CIO, and CISO Must Ask Each Other

The chief executive officer (CEO), chief information officer (CIO), and chief information security officer (CISO) walk into a bar. The CEO orders a light beer. The CIO normally orders his full-bodied stout beer but being politically savvy and noticing the CEO’s order, also orders a light beer. The CEO’s order has raised the curiosity of the CIO, and he just can’t help but ask the CEO, “Why not ...

The Chief Information Security Officer: an Analysis of the Skills Required for Success

The aim of this study is to determine a set of skills needed for a Chief Information Security Officer (CISO) in a competitive business today. To this end, a review of the literature and IT security executive interviews were conducted to identify a set of relevant skills. This list was then compared to a set of job listings for CISOs. Ultimately, a set of skills were developed that organizations...

Communicating actionable risk for terrorism and other hazards.

We propose a shift in emphasis when communicating to people when the objective is to motivate household disaster preparedness actions. This shift is to emphasize the communication of preparedness actions (what to do about risk) rather than risk itself. We have called this perspective "communicating actionable risk," and it is grounded in diffusion of innovations and communication theories. A re...

Assessment for Enterprise Security Decision Making

Assessment is an integral part of a chief information security officer’s (CISO) daily work. Continuously, the CISO must make security policy decisions, either introducing new policies or technologies in the organisation, or modifying existing policies. Assessment in this environment must inherently go beyond assessment of the policy’s security properties alone. It must include considerations ab...

Northern Hemisphere Summer Monsoon Singularities and Climatological Intraseasonal Oscillation

Using climatological pentad mean outgoing longwave radiation (OLR) and European Centre for Medium-Range Weather Forecasts analysis winds, the authors show that the Northern Hemisphere summer monsoon displays statistically significant climatological intraseasonal oscillations (CISOs). The extreme phases of CISO characterize monsoon singularities—monsoon events that occur on a fixed pentad with us...

Publication date: 2008