Tripwire Inc. recently sponsored a survey with the Ponemon Institute on the state of risk-based security management. Over 1,300 IT professionals in the US and the UK from a variety of industry verticals participated.

According to the survey, 81% of IT professionals rated their organization’s commitment to risk-based security management as ‘significant’ or ‘very significant.’ However, 46% of the same respondents said their organization’s approach or strategy for risk-based security management is ‘non-existent’ or ‘ad-hoc.’

What accounts for this discrepancy?

Listen to Episode 86 of our Security Slice podcast and hear Dwayne Melançon discuss  why some security professional feel like they are stuck in the basement in an episode of “The Office”, the impact that the person championing security has, and how the unequal distribution of risk can change business conversations about cyber security.

Listen to the podcast now

 

Related Article:

More Podcasts:

 

P.S. Have you met John Powers, supernatural CISO?

 

Title image courtesy of ShutterStock

Categories: Risk-Based Security for Executives, , ,

Tags: , , , , , , , , ,


Leave a Reply

Eva Hanscom

Eva Hanscom has contributed 95 posts to The State of Security.

View all posts by Eva Hanscom >