Contents
Keeping the Company Legal: The Regulatory Flood
The Rapid Proliferation of Information and Devices
A New Approach to Managing Risk
Chapter 2: The Misperception of Risk
The Subjectivity of Risk Perception
How Employees Misperceive Risk
How Security Professionals Misperceive Risk
How Decision Makers Misperceive Risk
How to Mitigate the Misperception of Risk
Chapter 3: Governance and Internal Partnerships
Finding the Right Governance Structure
Intel’s Information Risk Governance
Building Internal Partnerships
Chapter 4: External Partnerships
The Value of External Partnerships
External Partnerships: Types and Tiers
Chapter 5: People Are the Perimeter
The Security Benefits of Personal Use
Chapter 6: Emerging Threats and Vulnerabilities
Structured Methods for Identifying Threat Trends
Trends That Span the Threat Landscape
Chapter 7: A New Security Architecture to Improve Business Agility
Business Trends and Architecture Requirements
Privacy and Regulatory Requirements
Users and Data: The New Perimeters
Chapter 8: Looking to the Future
Business Intelligence and Big Data
Conclusion: The Implications for CISOs
Chapter 9: The 21st Century CISO
Chief Information Risk Officer
Demonstrating the Reality of Risk
Taking Action at the Speed of Trust