Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.


Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

Why Is Cyber-Security a Process? This Is Why.

Matt Kelly | March 11, 2015

Several weeks ago I wrote about how compliance and audit executives might approach cyber-security risks, and foremost was the point that “cyber-security” should be about developing a strong process to govern the information you have, rather than a series of tools and defenses you deploy to keep intruders at bay. Today I want to revisit that subject from a different angle: from the perspective of the cyber threat, which is also about developing a strong process to govern the information you have—except that someone else is trying to govern your information, rather than you.

This has been on my mind because I just attended the Institute of Internal Auditors’ national conference in Las Vegas, and as one would expect, cyber-security risks were all over...

Read this single article for $49, or click the subscribe button below to review subscription options.

Enjoy unlimited access to thousands of articles, browse five years of digital magazines, qualify for reduced admission to events, and more.