Prioritizing the Risk Funnel
Date: Tuesday, July 17, 2012
Time: 2:00pm - 3:00pm ET / 11:00am - 12:00pm PT
Duration: 60 minutes
No organization, including the biggest of the big, has enough security resources. We all need to make tough choices. Some things won’t be done when they need to be. Some things won’t get done at all. So how do you choose?
Unfortunately, most organizations don’t choose at all. They just do whatever is next on the list, without thinking too much about prioritization. This is the path of least resistance for tactically oriented environments. Oil the squeakiest wheel. Keep your job. It’s all very understandable, but it’s not very effective.
Optimally, security resource allocation should be prioritized to the activities that will achieve the greatest risk reduction for the organization.
Join Mike Rothman, John Alexander and Jay Schiavo as they address the sticky problem of how to calculate risk effectively so you can prioritize your endless security to-do list.
Unfortunately, most organizations don’t choose at all. They just do whatever is next on the list, without thinking too much about prioritization. This is the path of least resistance for tactically oriented environments. Oil the squeakiest wheel. Keep your job. It’s all very understandable, but it’s not very effective.
Optimally, security resource allocation should be prioritized to the activities that will achieve the greatest risk reduction for the organization.
Join Mike Rothman, Mike Yaffe and John Alexander as they address the sticky problem of how to calculate risk effectively so you can prioritize your endless security to-do list.
Attendees will learn:
· Why vulnerability scanning isn’t enough anymore
· How attack path analysis to improve security risk posture
· Five things to do today to more effectively prioritize riskSpeakers:
Rodney Brown, CISSP, GIAC GISP, ITILv3
Mike Rothman
Analyst and President
Securosis
Jay Schiavo
Director of Product Management
Core Security
John Alexander
Product Manager
nCircle
