Recent Comments
Tag Archives: risk management
Live Twice
Chandler at the New School made me collect, collate and sort my thoughts on the whole recall issue. Although what follows is more like bend, fold and mutilate. The greatest risk Toyotas pose to me is that I get drowsy … Continue reading
Intent
There’s a whole bunch of the IDC/RSA white paper on insider risk management that puzzles me on one level or another. “Whether the threats are accidental or deliberate, the costs are still the same.” I didn’t see much data in … Continue reading
Posted in Uncategorized
Tagged breach notification, fraud, insider threat, risk management, RSA
Leave a comment
Tea Risk
At the Tea Risk conference today. Heard a woman keynote all over me, until my brain sploded. Her talk was divided into two part:1. A retrospective of headlines indicate that there has been no progress in information security in the … Continue reading
4th Quadrant
My favorite ex-quant, N. N. Taleb, outlines the 4th Quadrant. Thoroughly enjoyable, but I’m a fan. This table made sense to me:In information risk management, what sort of events are fat tailed with complex payoff? Or which are not?I’ve suspected … Continue reading
From Rothman, an article at CSOnline discusses Moody’s infosec risk rating service. I personally dig this quote: The idea for such an at-a-glance rating is appealing to risk executives such as Andre Gold, head of security and risk management for … Continue reading
Posted in Uncategorized
Tagged best practices, risk assessment, risk management, the office
Leave a comment
Die Doing Something You Love
“To die doing something you love.”I encountered variations of this phrase three times Saturday. 1. In Chris Jonnum’s biography of the Haydens, the on track death of flat-tracker Will Davis. Davis was a hero of Nick Hayden’s. Mourning his death, … Continue reading
Confusion In My Eyes That Says It All
I figured I’d wait until after my paternity leave was over before I started thinking seriously about words like “control” and “compliance,” but I felt the need to say something after reading Bejtlich’s post “Controls are Not the Solution to … Continue reading
Posted in Uncategorized
Tagged compliance, controls, internal auditing, risk assessment, risk management
Leave a comment
Market Fresh
A curious discussion of terror risk, and a terror prediction futures market by some GMU economist types and at the Chronicle’s Footnoted blog. I don’t know enough to about econ to assess the value of such a market, but I … Continue reading
Posted in Uncategorized
Tagged breach notification, disclosure laws, risk assessment, risk management, threat, vulnerability
Leave a comment
Half Baked
What follows are annoying thoughts that have been ground to meaningless gravel in my head for the past month or so. As soon as I think them through, and dismiss them, my brain belches them back up. Committing them to … Continue reading
Posted in Uncategorized
Tagged breach notification, compliance, internal auditing, risk management
Leave a comment
The Red Duck
Yesterday was a tough one at work, made especially tougher by the fact that the House of Tooth is flying out on vacation tomorrow, earlier than I feel comfortable contemplating. But if Mr. Howell is going to write about motor … Continue reading
The One In Five 