The T approach means to go horizontally (breadth-first) across the company identifying its risk surface, and evaluating the probability and impact of each threat and risk. Then go vertically (depth-first) thinking how to implement security controls to really reduce the probability of the most important risk happening and reducing the impact in the case it happens Continue reading “The T approach to protect your company”
Tag: risk assessment
- The value of a pentest
- Off the top of my head: Is availability really a cybersecurity pillar?
- Off the top of my head: About having everything green in Qualys
- Information security requirements on the US “Executive Order on Improving the Nation’s Cybersecurity”
- How to find OpenSSL in our infrastructure