http://labs.neohapsis.com/2008/04/24/whose-risk/ Managing Risk and Security since 1998 Mon, 08 Mar 2010 01:56:21 +0000 http://wordpress.com/ hourly 1 http://labs.neohapsis.com/2008/04/24/whose-risk/#comment-31 Interesting Bits - April 28th, 2008 « Infosec Ramblings Mon, 28 Apr 2008 15:14:30 +0000 http://neolab.wordpress.com/?p=27#comment-31 [...] Whose Risk? [...] [...] Whose Risk? [...]

]]> http://labs.neohapsis.com/2008/04/24/whose-risk/#comment-16 Mike Murray Thu, 24 Apr 2008 23:14:01 +0000 http://neolab.wordpress.com/?p=27#comment-16 Of COURSE I'm not... you actually called out the distinct audiences for each part of the debate, which is why your post inspired this rant on my part. Of COURSE I’m not… you actually called out the distinct audiences for each part of the debate, which is why your post inspired this rant on my part.

]]> http://labs.neohapsis.com/2008/04/24/whose-risk/#comment-15 Andy Thu, 24 Apr 2008 22:38:11 +0000 http://neolab.wordpress.com/?p=27#comment-15 Ok, but just for my own feelings you're not saying I'm ignoring the distinction right? :) Ok, but just for my own feelings you’re not saying I’m ignoring the distinction right?

]]> http://labs.neohapsis.com/2008/04/24/whose-risk/#comment-12 amritw Thu, 24 Apr 2008 18:16:54 +0000 http://neolab.wordpress.com/?p=27#comment-12 Good point - unfortunately this is part of the reason that valid concerns about risk and useful metrics that can be used to measure effectiveness and efficiency of an organizations IT security program quickly become an exercise is futility. Too often they are then sprinkled with a generous serving of FUD to overcome the bad taste Good point – unfortunately this is part of the reason that valid concerns about risk and useful metrics that can be used to measure effectiveness and efficiency of an organizations IT security program quickly become an exercise is futility. Too often they are then sprinkled with a generous serving of FUD to overcome the bad taste

]]>