We all have them. Nights where our brains lock in on some issue that just won’t let us sleep. Hopefully, it is something that can yet be addressed to prevent future sleepless nights. Hopefully, it is not an actual event that now demands a recovery solution.
If you are reading this blog, you are likely responsible for dealing with organizational or corporate risk management in some form. Judging from the number of views for my teaser post and survey, this topic hits home to a lot of people. So how can we get back to restful nights, where RISKS don’t drain our energy?
Every organization has a myriad of issues for which they must be prepared. The priority of those risks will also vary depending on circumstances, even within the same organization, site by site and day to day. Any security manager who has been in a prominent position for any length of time has at some point felt like they are standing at the Whack-a-Mole game in the arcade, waiting for the next nasty issue to pop up.
The successful security professionals must think dynamically at an enterprise level, with a future looking attitude. They no longer think in terms of stand-alone solutions that address one principle. Their responsibilities demand a holistic approach to risk management. Their challenges are no longer met with a chess game approach where you are only dealing with one sequence of events. That analogy only works if you think of them playing 20 or more games simultaneously, and threats from one board can suddenly jump to any other. That is where we live.