Calculating Return on Investment for information security
Return on Security Investment (ROSI) is a key performance indicator in information security, used to measure the effectiveness of investment in information security and to create a business case for different...
Running an effective InfoSec program
The following is a summary of things to do on a routine basis to effectively run an InfoSec program. The post Running an effective InfoSec program appeared first on CISO Leadership, Strategy, and Research.
CISO Strategy – Avoid Pitfalls of “MORE” Information Security Controls
More security controls “should” be better, shouldn’t they? So why worry about the negative side? Yes, this seems counter-intuitive at first! However, you know that you need people to implement and...
Application Security and SDLC
The latest research reports (e.g. Verizon DBIR) show that more and more attacks are directed towards applications, and this trend is increasing due to multiple reasons, including the following: Most attacks...
What is Return on Security Investment (ROSI) Anyway?
ROSI, or Return On Security Investment, is simply a way to calculate whether a security control is worth implementing or not. For a control to be financially viable, the reduction of risk has...
Information Security Leaders Handbook
A few years ago, I wrote the Information Security Leaders Handbook, but it was not listed as a download on this blog. With this post, I would like to put it here and also check the level of interest from...