RiskyThinking
I err[sic!] on the risk management / business continuity side of infosec.
Frustrated writer. Occasional talker.
Searchable toots…
- 0 Posts
- 1 Comment
Joined 2 years ago
Cake day: November 18th, 2022
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
@hacks4pancakes@infosec.exchange As a business continuity consultant I completely agree with this. I can help you get started, point out risks you might not have thought about, and suggest possible mitigations and responses. But ultimately it has to be your plan because only you know your business, can decide what your constraints are, can decide what and when to test, and can decide how much it is worth spending…
It’s also worth remembering that major business risks (can I make payroll next week? What if a major customer drops me?) can make a business continuity or security risk unimportant in the grander scheme of things. Low probability high consequence events don’t matter until you’ve handled the high probability high consequence ones.