Q&A

Frank Bernhard: The Art of Uncertainty

To hear Frank Bernhard tell it, economics is anything but the dismal science—and risk management is the key to a CSO's success.

By Elaine M. Cummings

There is no substitution for common sense. There is a rational human mind that wishes to counteract the devious human mind, and that's what you're dealing with when you think about risk. Not everything that happens as far as risk is human driven. You can have the risk of losing your data because the store server collapsed. If the mail server suffers a blow to its caching drivebasically that's a risk, right? How do we protect against that? Well, there's tape backup or there's a failover situation so that the system keeps working. So we want to look at risk in terms of probability assignment; you couple that to rational human thinking and common sense, and look what you get. You get something that's much greater than anything you can put together in a mathematical sense.So, if a structural balance between spending and just enough security is the goal in mind, then how effective is the whole mix?Let me answer this way: Travelers are reassured that flying aboard commercial aircraft is safe, but that's not exactly true. In reality, safety in flying is about managing risk. Likewise, security is about managing risk. While total protection from loss can never be achieved, we act with discretion toward spending appropriately to protect those assets at stake.

• Email
• Print
• Comments
• Digg This
• SlashDot