- Cloud Security Risks to Consider When Adopting Cloud Services
Cloud risks stem from three characteristics: agility (rapidly-changing environments make consistent controls hard), sharing (compromise to one component affects neighbors), and outsourcing (loss of...
- Risk Management Risk Management: Objectivist and Subjectivist Approaches
Objectivists rely purely on historical data to predict risk; subjectivists complement data with judgment about context. A coin flipped by a magician might warrant different probability assessments...
- Cloud Getting Started with Cloud Security and Risks - Favorite Frameworks
Key cloud security frameworks: NIST defines cloud computing terminology (SaaS/PaaS/IaaS, deployment models), Cloud Security Alliance provides comprehensive security guidance across governance and...
- Cloud Cloud Security Attestation Beyond SAS 70
SAS 70 was designed for financial systems, not security certification—it only confirms controls the provider paid auditors to evaluate. Better options include SysTrust (prescriptive control set), ISO...
- Risk Management Protecting Corporate Data in the Age of Consumerization
Employees demand consumer devices and services at work—younger employees won't use last year's tech or carry second laptops. They'll circumvent rules or leave for trendier companies. Security must...
- Risk Management 3 Steps to Improving Your Data Safeguards
Many teams invest heavily in security controls but never teach employees how to share sensitive data safely. Classify data by sensitivity, make secure sharing practical, and detect leaks early so you...