Common knowledge in the IT Security community is that People are one of the weakest links in your attempts to secure systems and protect assets. If adequate security is to be implemented and maintained, more focused attention must be paid to managing the “people factor.” A robust awareness and training program can help to ensure […]
Main Content
NIST SP 800-39: Risk Framing
NIST SP 800-39: Risk Assessment
NIST SP 800-39: Risk Response
NIST SP 800-39: Risk Monitoring
NIST SP 800-39: The Risk Management Process
Read My Recent Blog Posts
Book Review: Secrets & Lies, Digital Security in a Networked World
Secrets & Lies, Digital Security in a Networked World by Bruce Schneier is the perfect book for security professionals who have some training in, experience with, or exposure to security technologies. Schneier declares that security must be approached from a “systems” perspective before technologies and countermeasures can be properly selected and implemented. Making the case […]
Quotes About Security
Security is a chain; the weakest link breaks it. — Bruce Schneier An IT security specialist should, first and foremost, be a business analyst. He should have a complete understanding of the business processes in the company and all the automated control systems being utilized. This will allow him to clearly break down the company […]