Episode 14 – Getting Serious About IT Security Risk Management
Amrit Williams, CTO of BigFix, Inc., and Alex Hutton of Verizon Business Systems Cybertrust, discuss what it takes to practice a truly sophisticated approach to IT security risk management. In particular, the risk management discipline involves calculating and adjusting an organization's risk exposures, mitigation capabilities, and management’s risk tolerance. In this regard, Hutton speaks from his professional involvement with industry standards such as ISO 27005 and Factor Analysis of Information Risk (FAIR) techniques.
