By identifying, quantifying and categorizing your risks, you are better able to mitigate those risks, while increasing your security posture and improving your ROI to stakeholders.
The implementation of a robust defense-in-depth methodology can reduce the risk of data/network compromise within a critical infrastructure (CI). Through the systematic identification, quantification , and categorization, you can determine effective mitigation strategies. This approach allows you to effectively allocate limited resources to critical, high-impact areas.
In this session:
2.Process: repeatable, institutionalized process, not an ad hoc solution or one-time fix.
a.Process aligns with federal framework
3.Pre-incident cost vs. Post-incident cost