08-29-2014 11:31 AM
By: Brian Prince/ Posted on 8/29/2014
Consultant John Pironti outlines how to execute a risk-based approach to defending corporate assets.
If security and business operation requirements seem somewhat out of synch sometimes, it is because in many enterprises, they are. Yet aligning those two mandates can be critical for effectively protecting enterprises.
Next month at the Interop conference, John Pironti, president of consulting company IP Architects, will be leading a workshop on aligning a risk-based approach to security to business needs and use it to better defend the organization and minimize risk. This process requires the creation of information risk profiles, threat and vulnerability analysis, vulnerability management, and business resiliency capabilities such as incident response. But many organizations are still falling short of this nirvana state of security, he says.
"I think that I would say that we have all the best intentions, but we're still following the shiny object in execution," he says.
DarkReading/ full article here/ http://www.darkreading.com/attacks-breaches/how-to