The InfoSec Blog
4Aug/11

Mistaken Thinking – Risk not threats

Various mobile devices creating interoperability.

Image via Wikipedia

Via a LinkedIn posting in the Infosecurity magazine forum titled
"Internet Threats Posed By Mobile Devices: How Can We Prevent Them?"
I came to
http://www.mxsweep.com/blog/bid/65075/Internet-Threats-Posed-By-Mobile-Devices-How-Can-We-Prevent-Them

OUCH OUCH OUCH!

The mobile devices don't pose threats.
The mobile devices represent risks.

Threats are external. They are not under your control.

The article title is clearly confusing THREATS with RISKS.

There are aspects of risks which ARE under your control.
You can control how EXPOSED you are to threats and how they will IMPACT you - or more specifically your assets. In this case the mobile devices.

You can't prevent threats, you can only mitigate their IMPACT.
You can instigate preventive measures.

Mobile devices and the data on them are ASSETS, not threats.

Correct terminology leads to correct thinking.
Eliminating misunderstanding and confusion leads to effective results.

Enhanced by Zemanta

Posted by Anton Aylward

Comments (0) Trackbacks (0)

No comments yet.


Leave a comment

No trackbacks yet.