Tag Archives | Risk Management

ISO 22301 to Replace BS 25999-2

According to various sources, the leading business continuity standard BS 25999-2 will be replaced by the international standard ISO 22301 by the end of 2011. This kind of transition is normal – the same thing happens with most management standards; for instance, ISO 27001 succeeded BS 7799-2 in 2005. So what are […]


Justifying IT Security: Managing Risk & Keeping Your Network Secure

The goal of a security program is to choose and implement cost-effective countermeasures that mitigate the vulnerabilities most likely to lead to loss. This paper discusses the management of risk and how vulnerability management is one of the few countermeasures easily justified by its ability to optimize risk.


Overcomplicating Information Security and Risk Management

If I had to highlight a key problem area for organizations when it comes to how they approach Information Security and Risk Management overall, it would be the over-complication of their implementation(s), or lack thereof. (Sounds strange for the latter but it’s that “complication” that also results in the “lack thereof”). Technology has done little […]
