Where to Start with Your Risk Management?

Understanding and identifying risks is essential to a well-built and sustainable business. Being in touch with the threats and the ways to counter them is essential for a safer working environment.


Risk Management is the most important instrument for Information Security Governance. It provides a framework for the assessment and successful management of risks. Sadly, it is usually poorly done or even neglected completely by a surprisingly large number of organizations today. Risk management allows companies to devise and implement economically viable risk countermeasures. All activities involve risks, which are in turn a derivative of threats, vulnerabilities and impact. Properly identifying weaknesses and assessing the associated risks is essential, and pays off in the long run.

The Role and Purpose of Training & Awareness in Information Security


Do not be alarmed to find out your organization is somewhere in the first couple of levels on the diagram below. Awareness is the first step, and you have much to gain by just educating your personnel or just yourself.


