Welcome to InfoRiskTodayHelping Mitigate Vulnerabilities that Threaten Your Organization
If information security is the brawn of an information-reliant organization (and most businesses and governments qualify), then information risk management is its brain. And, we're about to provide you with a heavy helping of brain food.
Successfully implementing IT security requires lots of smarts, especially in understanding how security technology works, but knowing what to protect and how to balance that with other business operation needs requires a deep understanding of information risk management.
The thirst for information risk management knowledge is intensifying. The editors at Information Security Media Group's websites - BankInfoSecurity, CUInfoSecurity, GovInfoSecurity and HealthcareInfoSecurity - have recognized the expanding interest in information risk management among our readers over the past few years, and in response, we have increased our coverage of risk management at each of our sites. The next logical step is for us to expand our coverage to a new venue for those seeking information risk management news, views and education for all types of enterprises, not just for the financial services, government and healthcare sectors we've been covering. That's why we've launched InfoRiskToday.
We see an expanded readership for InfoRiskToday beyond the chief information security officer and chief information officers as well as other IT and IT security professionals who've been the core audience at our information security sites. But we've noticed an increasing number of other executives, managers and professionals - the non-IT ones - visiting us, searching our sites for content that would give them a better understanding on how secure technology can help advance their business mission and objectives. And, that's where InfoRiskToday and information risk management come in.
As explained by our friend Ron Ross, one of the world's foremost authorities on information risk management, IT security consists of the processes and tools that assure confidentiality, integrity and availability of information and information systems. Risk management, on the other hand, looks at threats and vulnerabilities that could adversely affect an organization's mission and provides a path to address them.
"If you look at risk management, it's kind of the superstructure that sits on top of cybersecurity," says Ross, senior computer scientist and lead information risk management expert at the National Institute of Standards and Technology. "The idea is that you can never hope to do what you want in regard to deploying your safeguards and countermeasures, because you got limited budgets, you got other restraints and assumptions, the things that come into the daily operations."
Along with our regular content, we launch InfoRiskToday with a few features of note: an insightful article looking at how the recent wave of security breaches is serving as the catalyst for organizations to tackle information risk management (see Breaches Serve as Wake-Up Call for Risk Management) and an interview with Ross on not only the differences and similarities between information risk management and information security, but the responsibilities of different professionals within the organization to ensure information risk management is executed properly (see IT Security Vs. Info Risk Management).
We've designed InfoRiskToday to help you easily discover the information you need. Our homepage offers the latest information risk and IT security news and views as well as interviews with the leading minds in the field (such as Ross). A bar along the top of our homepage gives you one-click access to the latest content about audit, compliance, education, fraud, governance, incident readiness, privacy and technology. Our library of webinars offers an array of educational programs from leading experts and practitioners. White papers addressing the latest thoughts and solutions regarding information risk management also can be easily accessed.
Please join us in this new venture, and let us know what you think of InfoRiskToday. You can reach me at firstname.lastname@example.org.
Executive Editor, InfoRiskToday