For most organizations today, the threat surface is broad and getting broader. There are the obvious concerns like the user base, remote or BYOD computing, on-premises infrastructure, and cloud, SaaS, and virtual environments. But as companies and supply chains become more intertwined, CISOs need to look harder at off-prem and outsourced resources, or overseas suppliers and assets. The associated risk management programs are also constantly evolving, and that’s likely due to outside influences such as … More
The post Best practices for implementing a company-wide risk analysis program appeared first on Help Net Security.