CSO - Many chess players--and I'm sure you are going to find this hard to believe--are boring. Even to their fellow chess players.
Because they try to play zero-risk chess.
These poor saps try to win by playing timidly, avoiding error at all costs, purely trying to create weakness-free positions. They don't gamble, but they also don't try new ideas, and they never play a game that anyone else would find interesting or creative or worth emulating. They aren't actually playing to win; they are playing not to lose.
[Get CSO's new monthly Risk Management newsletter]
It's a soul-crushing experience to sit down for a three- to four-hour game at my Tuesday night club, only to realize that my opponent's sole objective is to suck the life out of the position. This, I say, is no way to spend a Tuesday night. Zero-risk chess is boring.
In my professional life, as in chess, I have discovered that I like risk. I like creativity and I like winning. I am willing to gamble on my own judgment. And when I don't get the result I expect, I rethink my analysis with this new data. If I come to the same conclusion as before, I often double down.
Of course, the results of chess games don't matter. You lose spectacularly, you get to reset the pieces and try again from scratch next week. You look kind of stupid, but so what.
The results of taking this approach in business are much more tangible. Particularly with security risks, it doesn't make sense to be cavalier. But that doesn't mean your business should take no risks. Zero-risk business isn't just boring, it also has very little upside.
That is why security leaders have to become great evaluators of risk. Join me on my new blog and share your experiences as I delve into the exciting--not boring!--topic of risk management.
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Platfora Big Data Analytics for Network Security Platfora amplifies the effectiveness of network security analysis, providing Big Data Analytics capability to augment existing security infrastructure for known threats, and advanced...
- Big Data, Big Mess: Sound Risk Intelligence Through Complete Context This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope... All Cyberwarfare White Papers | Webcasts