When it comes to managing and mitigating technology risk, IT teams have traditionally relied on operational, control-compliance approaches focused on information security. The rest of the business, meanwhile, has probably adopted broader, business-focused risk management frameworks. This disconnect can sometimes inhibit IT leaders’ ability to effectively articulate technology risk to business stakeholders, which can impact investment decisions.
For effectively managing IT risk, there’s room for both approaches, because there are benefits found in each method.
Control compliance
One of the key benefits to a control compliance approach is the increased understanding and awareness gained regarding low-level control deficiencies that are present within the technology estate. As we can see from the various successful backdoor entries across industries, it is often an unpatched system or a minor configuration error that enables a hacker to gain entry. Therefore, a deeper understanding of current control deficiencies can increase the probability of detecting a small, exploitable vulnerability that can lead to a backdoor attack.
Search and social media was filled with clickbait and propaganda in the wake of Vegas shooting
Wells Fargo patent troll case has finance world all aquiver so Barclays, TD Bank sign up to Open Invention Network
‘O.J. Made in America’ Is a Masterful Feat of Editing
Three great opportunities for startups in the entertainment space – TechCrunch
Valve Throws in the Towel and Ends Artifact Development
TikTok Rolls Out Q&A Feature for Everyone
Twitter 'Undo Send' Feature Discovered
Apple Patents a Magnetic Charging Port