This week brought us some great resources for IT security governance.

First, Bortnick, cyber liability lawyer and Pennsylvania chair for the Council on Litigation Management, shares some useful tips for those organizations mulling the purchase of cyber insurance in an interview for HealthcareInfoSecurity.

The National Institute of Standards and Technology (NIST) has issued the Guide for Conducting Risk Assessments. Though it was written for federal information systems and organizations, its lessons can be applied to other organizations in and out of government. Risk assessments are essential tools for the selection of appropriate defensive measures so enterprises can respond effectively to cyber-related risks.

Also, an interesting webinar that will take place October 10th: Board Responsibilities for IT Risk Management: Building Blocks for a Secure System. Targeted at Board Members, Audit Committee Members, Presidents/CEOs, COOs, CFOs, Chief Auditors, Chief Risk Officers, this webinar aims to ensure that board members have a firm understanding of risk assessment, security controls, monitoring, testing and training techniques.

That’s it for this week. Enjoy reading these articles, and share your thoughts with us and with others in your organization.