- Risk is “the effect of uncertainty on objectives”, ISO 31000
- An effect is a positive or negative deviation from what is expected.
- A threat is a risk with a negative effect.
- An opportunity is a risk with a positive effect.
- Information Security is a business issue. It’s time for security professionals to think from both the perspective of opportunities and threats.
- Information Security is a business enabler, and it may be a business driver if opportunities are taken into consideration.
- Think about Facebook Libra!