Every year, we encounter a wide variety of companies, firms of different sizes that play distinct roles in their respective industries. Some are in a position to mitigate all sorts of risks to information assets, but they are in the minority.

The vast majority of companies have adopted controls that are considered standard (firewall, anti-virus, locks on server room doors, etc), but there is a general consensus among the staff that the really valuable assets of the firm continue to be exposed to risk. Management knows this but is often afraid of spiraling security costs once the decision is made to at least look into the company’s level of exposure, called the company’s security posture.

Claudiu Popa

 
 

 

I have compiled a list of no-nonsense recommendations to help anyone tackle that challenge, and mitigate the vast majority of the risk to their business. These are simple, require little effort and their corresponding investment can easily be contained. Here they are:  Read the rest of this entry »