Category: Enterprise Risk Management

Analysis of risk and the principles of mitigation using metrics and evidence rooted in causal analysis to protect and defend the enterprise.

Risky business with national budgets

If you hear an information technology professional say there are risks to an organization fire them. There is only risk. Risk is a state of possible negative consequences and stating there are multiple risks is glossing over a deeper reality.…

Blood is thicker than TCP/IP

Jeffrey Carr predicts 2012 isn’t going to be a pretty way forward for information security professionals, industry or governments. He has a couple of points I’d like to dissect a little bit. I’m not much for alarm bells. We’ve had…

Changing Tactics: Swarm and air power

David Ronfeldt and John Arquilla in the early 2000s discussed as part of Network-centric Warfare the concept of swarming. Large scale forces working autonomously with heightened capacity but perhaps lower cost and capability are able to work effectively against opponents.…