Who Should Be On Your Information Risk Council
The Information Risk Council (IRC), also known as the Risk Governance Council or Security Steering Committee, is a key component of an effective security program especially if aligned with ISO [...]
Implementing Continuity in Your GRC Program
Every company must deal with governance, risk, and compliance. Often abbreviated as GRC, this business function is responsible for ensuring that major risks are addressed, required compliance initiatives have been [...]
Build a Security Program and Run It Like a Business
I recently finished the book "Traction" by Gino Wickman. Next to Scaling-Up by Verne Harnish, I think it is one of the most actionable business books I've ever read. Our [...]