Value-based infosec
Notice Bored
APRIL 14, 2022
A general principle is that the cost of implementing a risk treatment should never exceed the value of the asset being protected. impact to brand value when considering consequential reputational risk), however someone within an organisation often has an existing view on this value. What is the $ value of reducing information risks?
Let's personalize your content