Technology Risk Management Forum brings you up-to-date with current needs of large organizations that want to manage their security environments, taking into account both limited resources and risk and threat priorities.
Information security in an enterprise is not only about technology — it is just one of the factors that have to be considered. Companies need clever security policies and an approach that encompasses not only technology, but also processes, and most of all — people. We must focus our activities on these three areas.
We want to develop a holistic approach, trying to better understand the emerging threats, motives of our enemies and methods they use. We also want to understand our organization, its weaknesses and possible effective protection measures. We must not confine ourselves to our specific but limited perspective; sometimes we even have to consider several different points of view at once.