Jan 18, 2013
Strategy: How to Conduct an Effective IT Security Risk Assessment
Assessing an organization’s security risk is a key element of an effective enterprise security strategy. Such assessments can mitigate the impact of a security breach or, more to the point, prevent such a breach from happening in the first place. Done well and used correctly, an IT security assessment can also be an invaluable tool for justifying future security spending. The CEO and other business executives may not understand the technical underpinnings of vulnerabilities, hacks and the security tools used to keep organizations safe, but they will understand the dollars and cents involved when systems, networks and data are compromised.
In this special report, Dark Reading offers an in-depth look at the risk assessment process, the potential means and practices for conducting an audit, and the strengths and pitfalls surrounding a security risk assessment. We also offer some insight into how to measure and convey risk parameters so that they can be understood and used by upper management. (S6450113)