What are Information Assets?

Many methods for analysing Information Security Risks use the term assets, information assets or business assets interchangeably. This is a common foundation of Information Security risk analysis often providing a guide to the business impact of a risk being realised in particular systems that hold or access these assets. The…

Dressing up security with Bow-Ties

Bow-Tie diagrams are a very useful way to visualise the components of security risks and a fantastic way to understand the relative importance of different controls and mitigations. A bow-tie diagram uses the risk scenario under consideration as the ‘knot’ of the tie with two trees either side, the left-hand…