risk
Imported tag from Readwise
risk
For example: if you can pick 20 metrics that encapsulate a number of the CIS Critical Controls and work like crazy to keep your environment to those then you will likely get more benefit than spending your time on more sophisticated approaches.
Phil Venables • 6 Truths of Cyber Risk Quantification
There’s a powerful urge to think risk is something that happens to other people. Other people get unlucky, other people make dumb decisions, other people get swayed by the seduction of greed and fear. But you ? Me ? No, never us. False confidence makes the eventual reality all the more shocking.
Collab Fund • A Few Short Stories
The AI-risk community has also learned that novel corporate-governance structures cannot constrain executives who are hell-bent on acceleration. That was the big lesson of OpenAI's boardroom fiasco. “The governance model at OpenAI was supposed to prevent financial pressures from overrunning things,” Ord said. “It didn't work. The people who were me
... See moreRoss Andersen • AI Doomers Had Their Big Moment
Welcome to the wonderful world of information security.
Addressing key business risks: Every business faces risks, but when you write them off as inconsequential or irrelevant, they become more dangerous. The Steel Man forces you to conduct a pre-mortem of each key business risk to understand how it creates a significant business disruption. In doing so, you are better prepared for managing these risks.
Sahil Bloom's Curiosity Chronicle • The Steel Man Technique, Attention Cottage, & More
“So when a CISO or anybody comes into a board room and says, ‘if we don’t do this, this is going to happen,’ it makes them all feel anxious and they start to close down their thought processes around it.”
bacohido • Best Practices Q&A: Guidance About What Directors Need to Hear From CISOs — From a Board Member
If you don’t research why new mild anomalies happen, you deserve all the upcoming incidents.
Vicente Aceituno Canal • Cybersecurity Rules of Thumb
The social default makes us fear being snubbed, ridiculed, and treated like an idiot. In most people’s minds, this fear of losing social capital outweighs any potential upsides of deviating from the social norm and disposes them to accept it.[3] Fear holds us back from taking risks and reaching our potential.
Shane Parrish • Clear Thinking
No one grows up saying I want to do the same thing everyone else is doing. And yet there is a comfort to surrounding yourself with people who agree with you, or who are doing the same thing you’re doing.
Shane Parrish • Clear Thinking
This has been bouncing around in my head for quite some time, more around business and the “what are our competitors doing” kind of sense, but similar. I keep thinking about all moms asking the question, “if little Johnny jumped off the bridge, would you?” It’s funny how we are confronted with this idea early in life, but still fall in line.
I have also read a few different business books and articles talking about senior leadership and taking risks to go against the grain which they implied are ill-advised. On one hand, it makes sense if long-term revenue generation is working. But, what about innovation? Avoiding escalation of commitment and changing bad practices? Is it risky? Sure. But, the alternative is to just say “yes” and go with the flow?
The third philosophical shift has to do with our attitude toward risk. In Medicine 3.0, our starting point is the honest assessment, and acceptance, of risk—including the risk of doing nothing.