May 2008
6 posts
Webinar Alert: They’re Letting Us Speak Again! →
Our friends at Cisco have asked Jack Jones to be part of their InfoSec Leadership Forum Webinar Series. He’ll be talking about FAIR and risk in a two part series and I really think you’ll enjoy…
Physicians and medics →
My thanks to Mike Rothman who last week gave me credit for “fighting the good fight”. I’d like to think he’s right — it has been a bit of a struggle over the years, I’d like to think I’m winning…
Communicating about risk - part 2 →
The trouble with likelihood
It’s common to see charts similar to the one below used to communicate risk. On one axis we have Impact, and on the other we have Likelihood. We’ll save a…
Shrdlu on GRC FTW →
Shrdlu is entertaining and insightful and writes everything I wish I could have written on the Blogo-topic du jour, GRC.
Appropriate funding →
Because many organizations are beginning to wrestle the funding beast at this time of year, I thought I’d focus this week’s post on the question of “appropriate funding”. It only tangentially…
Communicating about risk - part 1 →
In his comments a couple of weeks ago, Walter brought up an important point. Paraphrased, he pointed out that misrepresenting the precision of an analysis is a bad thing. He also pointed out that…