InfoGPS is a unique company. It is unique in the fact that our existence is borne of problems the founders have had during their careers in IT Risk. It is not the result of a highly skilled individuals who are coding a solution to a specific subsection of a regulation. We own this distinction and it drives many of our conversations about value. In fair disclosure, I am one of the founders but I do not want this to be a blog about us. I want it to continue the discussion we have started about the importance of focusing on sensitive information as the driver of risk. I remain astounded when I have the opportunity to talk to the top 25 CPA Firms, the IT Auditors at our largest companies, the most successful of the companies that our IT Security dollars are directed; and they all have the same 2) issues:
- We are swamped trying to understand and implement the proper controls to prevent data loss. The demand of assistance is overwhelming our resources to handle the requests.
- We are not employing independent tools to fundamentally understand the asset we are trying to help protect – we don’t know where data is any more than our clients.
The result of this mismatch is an ongoing issue: we know more about how to reduce the likelihood of breach by interpreting the sufficiency of controls, than we do about what assets are at risk in the first place.
To read full article , click here : http://ift.tt/1WOw99D
from cyber security caucus http://ift.tt/1SlyDLl
via IFTTT
No comments:
Post a Comment