Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Tag Archives: risk

The Personalization of Risk

December 19, 2011 – 6:00 am – I realized when I received several comments regarding my September 12, 2011 column “Risk Mismanagement – Scoring vs. Monte Carlo vs. Scoring” from Doug Hubbard and others, that I hadn’t been clear enough in my description of what I had termed “subjective risk.” It also seems that…
By | Posted in General, Risk Analysis | Also tagged , , , , , , | Comments (0)

The Security of Fools

November 21, 2011 – 6:00 am – No, I’m NOT saying that security professionals are fools … far from it. But many of the folks whom they serve may well be overconfident in their judgments about security. Overconfidence in the face of undisputable evidence to the contrary is described in Daniel Kahneman’s article “The…
By | Posted in CSO/CISO Perspectives, General, Risk Analysis | Also tagged , , , , | Comments (0)

SEC-urity’s Catch 22

November 7, 2011 – 6:00 am – On October 13, 2011, the Division of Corporation Finance (DCF) of the Securities and Exchange Commission (SEC) issued CF Disclosure Guidance: Topic No. 2 – Cybersecurity, available at http://www.sec.gov/divisions/corpfin/guidance/cfguidance-topic2.htm . It provides the DCF’s “views…
By | Posted in Compliance and Laws, Cybercrime, Risk Analysis | Also tagged , , , , , , , | Comments (0)

Risk Mismanagement – Scoring vs. Monte Carlo vs. Scoring

September 12, 2011 – 6:00 am – I finally got to read Douglas Hubbard’s book “The Failure of Risk Management: Why It’s Broken and How to Fix It” (Wiley, 2009). As I have written in other columns about Hubbard’s prior book “How to Measure Anything: Finding the Value of Intangibles in Business” (Wiley, 2007; Second…
By | Posted in CSO/CISO Perspectives, Human Elements, Risk Analysis | Also tagged , , , , , , , , , , , | Comments (3)

Security Innovation – Trying to Change the Game

May 10, 2011 – 6:00 am – It’s never pleasant to receive a somewhat negative book review, but such reviews often point the way to future improvements. As Theodore Roosevelt once said, “It is hard to fail, but it is worse never to have tried to succeed.” So that’s how I felt about Robert M. Slade’s review of the…
By | Posted in General, Privacy | Also tagged , , , , , , | Comments (0)