I am looking for a decent risk management magazine online. The first ones I found were RM Risk Management Magazine (rmmagazine.com) from the Risk Management Society (rims.org) and RMProfessional (RMP). RM is a little too broad since it included things like industrial, health, safety and insurance. Similarly, RMProfessional (RMP) covers OTHER aspects of risk management. So for this site, our focus is security risk management. While these are very serious risk management issues, I was hunting for a risk management magazine for Information Technology and Information Security.
A more relevant SECURITY risk management magazine would be CSO Online (http://www.csoonline.com) which focuses on security risks.. not industrial, insurance and safety. CSO covers security news, security jobs, data protetions, indentification & access, business continuity, security leadership and physical security. I think that there name CSO is taken from Chief Security Officer.
Of course if you are calling ALL security magazines “risk management magazine” then there are thousands. But I would not say that and online hacker magazine like Phrack was a risk management mag, but you could get away with calling it security. There are many others such as 2600, Hack9 then there are pentesting online magazines like Pentest Mag. All of these focus on the “threat” side of the risk scale. Where the risks come from? How the threat exploit the vulnerability, how effective is the threat, what happens when the threat is implemented. All of these could qualify as information security related sites by but not really risk managements. Why? Because they are missing one major piece.. Management.
