An Evolutionary Approach to Risk ManagementRisk management is identifying, analyzing, mitigating, and monitoring risks to a project. Humans do this all the time with life experiences, so there are parts of risk management that come naturally to us. What needs to be learned is recognizing our biases and limits to our visualization. Ask these questions to help.
8 Questions to Ask before Fixing a DefectSome defects require a fix, without a doubt. But not all defects are created equal, so careful thought should be applied before a defect is fixed. The goal isn’t to fix every reported defect; it’s to return value to the customer and profit to the company. These eight questions can help in the decision-making process.
Continuous Risk Management in CybersecurityTraditional cybersecurity is reactive. It responds to threats as they surface while trying to minimize the chance they will ever be an issue. Yet in an environment of constant change and evolution, this is insufficient. What your business needs to do is approach cybersecurity from the perspective of continuous risk.
Making (and Keeping) Project Risk VisibleProject managers recommend how much should be invested to address various risks based on their understanding of project context, but the final decision about what to do and when those efforts are sufficient belongs to the sponsor. Risk management requires executive input, so sponsors need to see all risk data you have.
5 SecOps Challenges and How to Overcome ThemSecOps, or security operations, is a collaboration between information security and IT operations to keep a company’s data secure and reduce risk, all while maintaining agile timelines. But it can be difficult to start. Here are five challenges you should address to ensure your SecOps implementation is successful.
Trusting Your Data: Garbage In, Garbage OutPoor quality input will always produce faulty output. Improper validation of data input can affect more than just security; it can also affect your ability to make effective business decisions. Bad data can have impacts on how you make quantitative decisions or create reports, if you can’t trust the data you receive.
Security Testing and Assessing Risk: A Slack Takeover with Shachar SchiffThought leaders from the software community are taking over the TechWell Hub to answer questions and engage in conversations. Shachar Schiff, founder and principal consultant at BadTesting, hosted this Slack takeover and discussed assessing code coverage like a risk analyst, risk assessments outside security, and more.
Lower Risk of Downtime by Testing with Production TrafficTeams need a means of identifying potential bugs and security concerns prior to release—with speed and precision, and without the need to roll back or stage. By simultaneously running live user traffic against the current software version and the proposed upgrade, you can detect bugs while reducing risk and downtime.
