Introduction

Page one.   I will try to offer a little to those involved in information security, application security, business operations security, and infrastructure security.   I will also try to repeat a lot that bears repeating.

I believe that we need to train business and technology management,  leaders across all types of business, about effectively managing risk.  We need to offer reasonable alternatives to a simple hope that “loss will visit elsewhere — but not at my company, at least not on my watch.”

Ineffective risk management decision-making can result in net risk increase.

And the vast and varied application layer remains a risk-rich territory.

My thanks to WordPress.com for this service, and to Kevin Riggins at Infosec Ramblings for a nudge.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: