The profile of a good risk management officer is someone who is aware of technology but not wedded to it. "It's very hard for technologists to understand risk. They think they understand the business when they really don't."
For several years he advocated that aspiring risk officers get MBAs to prepare. Now he advocates that they spend time with product-management teams to better understand business processes, what the most valuable information is and where it might be vulnerable. "The question is, 'Do you add another chief?'" he says. "How many chiefs does it take to run a business?"
Read more about wide area network in Network World's Wide Area Network section.
