Risky Business: How to Evaluate Business Risk and Set Your Security Program Up for Success
Using risk measurement is key to prioritization and effective security coverage in your environment. As new functionality and features are constantly added to applications, assessing the kind of risk that the business is exposed to and whether this risk is actually worth the business outcome of that particular new feature or product becomes increasingly important.
A recent SANS webcast featured a Q&A session focused on business risk assessment and measurement, the relationship between business risk and vulnerability remediation, and the role of risk in the development of an effective application security program. That webcast inspired this Q&A whitepaper which covers:
- Where does risk management start?
- What are the benefits of risk-based security management?
- How do you communicate technical details in business terms?
- How do you build a quantifiable risk model that includes probabilities, cost of breach, and cost of mitigation?
- What are some good techniques when communicating risks to executive leadership teams, or the Board of Directors?
- How can building cross-functional relationships help?
- How do you prioritize vulnerabilities for remediation?
Fill out the form to download the April 2016 white paper, Risky Business: How to Evaluate Business Risk and Set Your Security Program Up for Success.
White Paper - April 2016