Assumption
Risk assessment is part of the risk management process to identify exposure, likelihood and business risks so that the necessary

USB Port Misconception
Most often, people say blocking USB ports is a control in the company, but somehow there is an exception process to

Cyber Risk Likelihood #2
In the physical world, public touch points are not hygienic. The more people touch them, the more "dirty" they will be.

Limitation
Every technology or system has inherent limitations, whether in itself or in its environment. Say, surveillance via CCTV for physical

Blockchain
Everyone is talking about this great technology and every industry is trying to adopt it in its business model. Without going

Myths of DLP
The cybersecurity industry commonly names DLP as Data Leakage Prevention. It lacks a qualifier because the technology just tries to

Least Privilege
Another practice from the physical world adopted in the cyber world is the least privilege principle. However, we must bear in mind

Zoning
Many cyber practices are actually adopted from the physical world. Zoning is an example. The main purpose is to isolate object path

Business Value
One of the fundamental principles in cybersecurity is to apply necessary controls to reduce business impact. Business value is the

The 4C of cybersecurity
Cautious - understand cybersecurity is important but need to explore how to execute or manage Conformance - doing things adhere

Cyber Risk Likelihood
In the physical world, likelihood is based on historical frequencies, scientific calculation like the path of a hurricane, engineering specification such as MTBF

Supply Chain
When we consider business continuity, especially service resumption, we need to look at the supply chain for the entire