Minimum Viable Risk Management Program

Presented at BSidesLV 2017, July 26, 2017, 2 p.m. (55 minutes).

Most information risk management programs are cumbersome and expensive, requiring expertise and time that smaller organizations may not have. In addition, many attempts to start an information risk management program fail when the program seems to have no relevance to the organization except during audits. This talk will cover a risk management program that is lightweight, useful, and can scale as the organization matures without having to throw out existing work and start over. This process has been successfully implemented; the first stages require no specialized tools.


Presenters:

  • Rachael Lininger - Leviathan Security Group
    Information security analyst, risk consultant, Cthulhu cultist. Lawful good. Opinions belong to her autocorrect, not her employer. @0xdaeda1a

Links:

Similar Presentations: