Risk management is something we do every day. When I get up in the morning, do I
stand still and let the dogs get around me, or do I continue down the hall to
let them out, knowing at some point they’re going to blow through me and
potentially take my legs out from under me? Driving to work, do I have enough
time to make a right on red, or do I need to wait for this car to go past first?

Now apply this to information security. There is risk management involved there,
too. Given the way technology keeps improving, we need to stay on top of risk
management. As technology improves for the good guys, it also improves for the
hackers. Also, as technology improves, the newer parts coming out could have
bugs in them that will need to be fixed. Staying on top of that is part of risk
management. As the technology improves, when does the older equipment become
obsolete? What kind of vulnerabilities are there in the older software or
hardware that can be taken advantage of?

Risk management is sometimes a balancing act between staying within a budget and
updating to newer software or hardware to alleviate these vulnerabilities. It
means weighing the vulnerabilities and then racking and stacking them to
determine which are the most important ones to take care of first.