The Goal of Risk Management: Difference between revisions
From Cramsession
Jump to navigationJump to search
✍️ Verified Author: Mflavell • Click to view professional profile & credentials
No edit summary |
No edit summary |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
[[Cybersecurity]] > [[Assessing Risk]] > The Goal of Risk Management | [[Cybersecurity]] > [[Assessing Risk]] > The Goal of Risk Management | ||
You cannot remove risk: | |||
* Risk cannot be completely eliminated. | * Risk cannot be completely eliminated. | ||
* Providing additional layers of security (layers of cheese) reduces the likelihood of an attack. | * Providing additional layers of security (layers of cheese) reduces the likelihood of an attack. | ||
Latest revision as of 23:55, 16 May 2025
Cybersecurity > Assessing Risk > The Goal of Risk Management
You cannot remove risk:
- Risk cannot be completely eliminated.
- Providing additional layers of security (layers of cheese) reduces the likelihood of an attack.
Additional layers however create additional problems:
- More room for configuration errors (most outages result from human error)
- More expertise and expense to manage the system
- More latency or outages.
