Security: Riches, Ruins & Regulation – An Exercise to Recognize and Capture Security Risk

In security, protection is only as strong as the weakest link, so raising the overall security posture of the company is wise. But security organizations cannot lose sight of the critical business risks that can destroy companies. The term lines of business (LOB) describes how companies are organized. LOB leaders hold critical information that every security team needs in order to design and optimize security programs. The security organization's challenge is to recognize and capture that information quickly and efficiently.

This article presents an exercise called Riches, Ruins & Regulations, devised to uncover business risks in a non-technical and interesting way. The exercise is moderated by a member of the security team and performed by a small group of LOB leaders. Its primary purpose is to uncover information assets that would be of significant value if stolen, potential attacks that might cause great damage, and costs associated with failure to meet regulatory requirements.

This article comes from the book, Security Battleground: An Executive Field Manual.
 

