“William Shatner, as Captain James T. Kirk, once stated that ‘risk is our business’. While he was referring to the mission of the Starship Enterprise, it holds true for many disciplines and endeavours, including information security. For without risk there is no reward, but too much risk without commensurate benefits also is not a proper direction. There must be balance.”

This quote, from a recent blog post by Greg Shaffer of vCISO Services LLC, is a useful reminder that information/cyber security is ‘just’ another risk.

And just like any other risk, cyber security risk needs to be assessed and managed.

So what?

Cyber security is not about IT.

It’s about Risk Management.