Posted by: David Scott
2010 Global SMB Information Protection Survey, AITP, Association of Information Technology Professionals, business management, business policy, business risk, business security plan, information securrtiy, IT risk, IT security, risk management, Security Plan, securtiy policy, velocity of risk
Wow. I was reading an article in InformationWeek magazine: The Top 10 Security Challenges for 2010. I guess I’m slowing down: The article is from January 2nd. Ahem, however -
There’s a great, great, line in the article – I wish I’d written it, but I’m happy to source it: Speed may be Google’s most cherished goal, but it also increases the velocity of risk.
The “velocity of risk”! That is an incredible concept: Velocity’s definition comprises speed paired with direction. In other words, 35mph is an indication of speed. 35mph due North is velocity.
But, what is Velocity of Risk in an IT/business sense?
Well – risk now arises quickly, and comes from many directions: The cloud (internet apps and services), social networking sites such as facebook and MySpace (just recently suffering its own breach), business sites such as LinkedIn, real-time enablements like Twitter and chat agents… and on and on and on…. you get the idea.
So, we can see that risks stream toward us from many directions (sources), and risk speeds toward us (opens quickly) – in both the unmanaged (or poorly managed) environment; but also too often in the best, most carefully managed, environments. Unmanaged risk opens, and will ultimately deliver, incidents of directed harm in the form of malware, hacks, etc., and incidents of inadvertent harm (lack of centralized data/nightly backups, as one example).
A tenet from The Weave that we’ve hammered many times: In the realm of risk, unmanaged possibilities become probabilities. And quite naturally, an ongoing situation of probability will deliver in the course of time - it’s a guarantee: data breach, identity theft, corrupted data, applications crash… followed by costly recoveries… or – loss of business reputation and customer-faith.
When IT and Business converse across the table, be sure to discuss risk management, associated costs, and delivery of protections (ROI) in a specific context.
That context is Velocity of Risk.
NP: Rolling Stones: Metamorphisis. The opening track - the alternate take of “Out of Time” - is worth the price of admission. On vinyl. Next week, some NPs involving hardcore Blues on original 78 rpm.