Infosecurity Magazine feature: CEO’s guide to risk management
August 6, 2013 Leave a comment
For the next issue of Infosecurity Magazine, I am writing a feature on risk management, for a CEO audience.
I am looking to speak to analysts and security professionals, and want to cover these points:
- What IT and information security related issues require priority attention
- What does a risk based approach to information security involve?
- Compliance vs risk management: are these mutually exclusive objectives, or can one lead to the other if approached correctly?
- What type of infosec-related risks cannot be controlled? (or do we have little control over?)
Please put forward any suggestions for spokespeople by EOP on Thurs 8 August,