Developing An Information Security Decision-Making Matrix
CSO Online, June 4th, 2019
June 4, 2019,
Volume 255, Issue 1

It is possible to create a simple, bright-line means of triaging engagements to determine whether heightened security and privacy measures should be required

"So, maybe you've read my previous blog posts and have spent time developing strong information security and privacy protections to be included in your contracts with relevant business partners, vendors and suppliers.

The question is: when do I require those protections? Certainly not in every contract. That would greatly expand the cost and time of negotiating contracts that, potentially, present no security or privacy risks.

So how do you decide?..."

Read More ...


Other articles in the IT - Security section of Volume 255, Issue 1:

See all archived articles in the IT - Security section.