Alex Hutton of the RiskAnalys.is blog left a comment on another security blog (Domdingelom's Blog): "Risk management is really the act of correlating exposure to risk to your capability to manage risk"
The Dr. InfoSec™ Blog is curated by Christophe Veltsos, PhD, CISSP, CISA, CIPP, GCFA.
Dr. Veltsos regularly teaches Information Security and Information Warfare classes. Beyond the classroom, Chris is also very active in the security community, engaging with community groups, and advising business leaders on how to best manage information security risks.
The views and opinions expressed here are those of Dr. Veltsos only and in no way represent the views, positions, or opinions of any previous, current, or future employers, clients, or associates.
All content on this blog is provided as general information and is for educational purposes only. It should not be construed as professional advice or guidance. All trademarks and copyrights on this blog belong to their respective owners.