Risk Scoring: Likelihood, Impact, and the Matrix
Every risk decision comes down to two questions: how likely is this, and how much would it hurt. Risk scoring is the discipline of answering both in a way that lets you compare one risk against another and decide where to spend […]

What Is a Security Risk Register?
A security risk register is the single place where an organization writes down what it is worried about and what it is doing about it. It is the prioritized catalog of your real, plausible risks, with an owner and a plan attached to […]

How to Do a Security Risk Assessment
A security risk assessment answers a question every organization eventually has to face: what could go wrong, how bad would it be, and what should we do about it first. Done well, it turns a vague sense of unease into a ranked […]