Share Your Thoughts On IT Risk Management - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Information Management
Commentary
12/22/2010
03:14 PM
Kurt Marko
Kurt Marko
Commentary
Connect Directly
Facebook
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Share Your Thoughts On IT Risk Management

"In today's interconnected world, filled with increasingly sophisticated yet generally anonymous malefactors, IT must have a risk management program." Most of us have heard this so many times it goes in one ear and out the other, making about as much impression as your grandmother's homespun advice to always brush after meals and never run with scissors. But we all know grandma was right.

"In today's interconnected world, filled with increasingly sophisticated yet generally anonymous malefactors, IT must have a risk management program." Most of us have heard this so many times it goes in one ear and out the other, making about as much impression as your grandmother's homespun advice to always brush after meals and never run with scissors. But we all know grandma was right.Although security spending consistently ranks at the top of most lists of IT spending priorities, it's often easier to sell senior management on tangible new products, where the promised results are immediate and quantifiable, rather than an amorphous, drawn out process, which might not show tangible results for a year or more. Yet without some form of structured risk management program, most IT organizations don't have a good handle on where that technology spending will be most effective.

Do you know the applications most critical to your business success? Have you quantified the cost of downtime or information loss due to a security incident? Do you know where these applications are most vulnerable? The security dependencies on other IT infrastructure, like remote network access, VPNs, or shared storage? Did you use a formal security audit to arrive at these conclusions, and do you have ongoing audit and logging processes in place to verify continued security compliance? A sound risk management program promises answers to these questions and more; information that will maximize the return on your IT security investment.

InformationWeek is taking the pulse of our readers' risk management practices in our latest Risk Survey. We want to see not only how many of you have programs in place, but how you've implemented them, including the methods, organizational changes, and tools used. We'll use the data and any written comments (always one of the most interesting parts of any results) as part of an InformationWeek cover story and full Analytics report that will lay out the key steps in building an IT risk management program.

The survey, available here runs through January 3 and will take under 10 minutes to complete. You'll then be eligible to enter a drawing for an Apple 16GB, Wi-Fi iPad, so if Santa didn't come through, here's a second chance to score the gadget on everyone's wish list. If you're nervous about your responses showing up on Wikileaks, rest assured that everything's confidential and responses are only reported in aggregate.

If taking the survey leads to a resolution to make 2011 the year you take control over your IT security portfolio, a great starting place is the NIST Risk Management Guide for Information Technology Systems [pdf]. Slap this on your iPad (Santa willing) and take a gander during half time of one of those many bowls we'll all be dozing through.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
What Digital Transformation Is (And Isn't)
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/4/2019
Commentary
Watch Out for New Barriers to Faster Software Development
Lisa Morgan, Freelance Writer,  12/3/2019
Commentary
If DevOps Is So Awesome, Why Is Your Initiative Failing?
Guest Commentary, Guest Commentary,  12/2/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
Slideshows
Flash Poll