QOTD on Managing InfoSec Risks

Managing information security risks requires an approach that is flexible and focused on what matters most to the organization, protecting critical information. Only by understanding the use of information within critical business processes can an organization, and in particular its information security function, truly begin to manage its security needs. -- Paul van Kessel, Global Leader of Ernst & Young’s Technology and Security Risk Services

Src: Former employees a growing IT security threat | Ernst & Young