Developing a Risk Based Security Program – Sean McHenry (2017)
It is very recent that management has recognized the need to fund cybersecurity. Usually, that decision comes after a breach. Even so, like the rest of the IT industry, IS personnel must work with a shoe string budget. Thus, it is all too common for an organization to work toward mitigating the last audit. Unfortunately, audit mitigation does not necessarily ensure good cyber hygiene.
SAINTCON 2017 BRIEFING
TITLE: Developing a Risk Based Security Program
PRESENTER: Sean McHenry