Episode 4: Reducing risk vs. enabling the business: finding the balance

"We're [CSOs] all focused on this balance of being able to reduce risk while enabling the business," says Lionbridge CSO & CPO Doug Graham. But, he adds, "There's no real hard-and-fast rules about how much risk and what that recipe is." For Graham, the most concerning part about the CSO role isn't that there aren't any hard-and-fast rules about the right recipe for risk; instead, it's "making sure you've presented all the options and you haven't missed something…. Am I presenting the balance right to the rest of the leadership team so that we can make sensible decisions that are right for the company?" As for how Graham makes sure he's getting the most out of his security technology investment, "it's a case of defining our controls, measuring their coverage, and measuring their effectiveness," he says. "And I think that gives you two very simple metrics. What's my coverage? And what's the effectiveness of my controls?" Produced by IDG Communications, Inc.

About the Podcast

Bob Bragdon, senior vice president and publisher of CSO, hosts this podcast featuring interviews with top chief information security officers from across the country. Listen in as these tech leaders discuss current security threats, critical IT projects, security skills and careers, and much more.