Business Value
Reduce Risks by Becoming a Service-Oriented Organization
Information security organizations in large enterprises are all-too-often focused around compliance. Communications between security and other organizations are often focused around an audit, or require some action to be taken. At times, organizations need to set aside current activities to focus on reducing risk, which can result in a missed deadline, exceeded budget, or [...]
Pointless Security Can Have a Long-Term Negative Impact
Implement security controls only when they provide value. This post shows an example of what can happen when value cannot be demonstrated.