- Top 5 Global Cyber Security Trends of 2023, According to Google Report
- What is a virtual machine, and why are they so useful?
- U.K. and U.S. Warn of Pro-Russia Hacktivist Attacks on Operational Technology Systems
- How Are APAC Tech Salaries Faring in 2024?
- Verizon 2024 Data Breach Report shows the risk of the human element
CIO risk-taking 101: Playing it safe isn’t safe
To illustrate, some examples:
Applications portfolio rationalization: The most fundamental guiding principle of technical architecture management is to fill each required service exactly once. If your applications portfolio isn’t rationalized — that is, if it includes multiple, functionally overlapping capabilities — that creates a need for a geometrically expanding collection of synchronizations, along with a bunch of other vulnerabilities.
An unrationalized application portfolio, and for that matter poor rationalization of the other architecture layers, creates, in a word, “risks.”
Rationalizing the applications portfolio reduces the odds of these risks being realized. In risk management terms it “prevents” (aka avoids) them.
Identity management: Modern security architectures include tools for managing identity — for authenticating staff, assigning them to roles, and assigning rights, privileges, and restrictions to those roles, not to the individuals who fulfill them. Manage identity poorly and the wrong people will be in a position to do the wrong things.
Instituting sturdy identity management practices reduces the odds of a variety of risks becoming real — and also reduces the damage should a risk become real in spite of the organization’s preventive measures.
