Tripwire Inc. recently sponsored a survey with the Ponemon Institute on the state of risk-based security management. Over 1,300 IT professionals in the US and the UK from a variety of industry verticals participated.
According to the survey, 81% of IT professionals rated their organization’s commitment to risk-based security management as ‘significant’ or ‘very significant.’ However, 46% of the same respondents said their organization’s approach or strategy for risk-based security management is ‘non-existent’ or ‘ad-hoc.’
What accounts for this discrepancy?
Listen to Episode 86 of our Security Slice podcast and hear Dwayne Melançon discuss why some security professionals feel like they are stuck in the basement in an episode of “The Office”, the impact that the person championing security has, and how the unequal distribution of risk can change business conversations about cyber security.