One of the most important and difficult responsibilities a CISO has is how to best invest in their security program to reduce the risk of a security incidents to an acceptable level. The challenge here is determining “how much is good enough” and “where do I get the biggest bang for the buck.” In this post, I discuss some strategies for helping to build…

Read more