#40 - Risky Business - podcast episode cover

#40 - Risky Business

CISO Tradecraft®
Aug 01, 202144 minEp. 40
--:--
--:--
Listen in podcast apps:
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

In this episode, we take a deep dive into that four-letter word RISK. Risk is measurable uncertainty. As a component of Governance, Risk, and Compliance (GRC), risk management is an important part of a security leader's responsibility. Risk assessment is conducted for a number of reasons, and measuring risk is an important component of effectively overseeing our IT investments. We'll look at NIST and ISO standards for risk, and define the different types of risk assessments. And, because there is risk inherent in many endeavors, this episode will be continued in a part 2, because we didn't allow for the risk of running over with this much great information.

For the best experience, listen in Metacast app for iOS or Android