Understanding Risk

People tend not to prioritize their risks correctly. The SANS Top Cyber Security report in September 2009 pointed out that people are not patching third-party applications or taking care of web servers correctly.
I recently ran across the image below that showed the number of deaths in the last 300 days broken down by category and compared that to the number of deaths for H1N1.
(Not sure who to credit for the photo; it wasn't given to me in context. Here is the original link.)

One Comment

  1. Hi, Roger –
    That’s a great photo with a great point. It is not clear to me which IT risks are like H1N1 (higher priority than justified) and which are like the other death instances (lower priority).
    Do you have a recommended approach for IT folks?
