A Risk Management Approach to Information Security

Previous: Securing Your Data at Cloud Scale
Information security is no longer an IT problem. It's a risk management problem.
Writer Danny R.
May 30, 2015

Danny is one of the founders of Terbium and is known around the office for his extended soliloquies and pontifications about the security industry. He blogs about global trends and the importance of knowing where one's data is on the dark web.

It’s not a matter of if, but a matter of when. In fact, when discussing data breaches, it’s not a matter of when will it happen, but a matter of when did it happen. We started Terbium with the thesis that defense, while still necessary, is no longer sufficient. In today’s insecure digital world, your organization’s critical data will always be at risk, whether from a sophisticated outside actor or inside threat. That’s why modern organizations are shifting their information security focus from prevention to risk management.

One example of this shift has been the evolution of the Chief Information Security Officer’s role within an organization. Traditionally, the CISO position was an information technology one that focused on procuring and deploying defensive IT products on an organization’s network. However, more and more the CISO is moving into the risk management part of the organization, focusing as much on planning, remediation, training, and insuring as he or she is on technology and prevention. Planning for the eventual data breach is crucial in today’s environment, and being able to execute that plan as quickly as possible after a breach occurs is the key to mitigating damage.

It’s to this end that Matchlight Data Intelligence becomes a key part of any information security posture. Matchlight alerts organizations to the presence of their data on the internet immediately and automatically, with a particular focus on the dark web. With Matchlight, organizations can discover breaches within minutes rather than months, and initiate their remediation plans before any further damage can occur.

industry March 06, 2019
International Women's Day 2019: Balance for Better

Each year on March 8th, the world comes together to amplify women’s successes and advocate for women’s futures. This year, the theme of International Women’s Day is Balance for Better, a campaign designed to...

industry September 21, 2018
Security is Dead. Long Live Security.

Data has intrinsic value – think of it like money, just stored differently. We currently live in a world where actors use sophisticated tradecraft previously relegated to the shadowy world of government intelligence to...