How to construct an effective security controls evaluation | TechTarget
I once received an ad from a company that promised to lower home energy costs by conducting a free energy audit. The audit, it said, could be done over the phone -- no home visit -- and would require absolutely "zero questions asked" -- i.e., about our current energy use, heating and cooling systems, insulation or anything else.
It struck me as objectively ridiculous. How can you reach a fact-based, evidence-driven conclusion without at least measuring something?
I bring this up because I see CISOs promising something similar with their security strategies. Namely, they say they can manage their security controls in the absence of important contextual knowledge, without information about control efficacy -- let alone efficiency -- and, in some cases, without any operational performance data at all. Yet, just like the information-free "energy audit," this approach undermines decision-making. Missing information means we pay more for an outcome...
Copyright of this story belongs to techtarget.com.