RiskLens Blog

Nicola (Nick) Sanna

Nicola (Nick) Sanna is the Chief Executive Officer of RiskLens

Recent Posts

RSA 2017: The Case for Business-Driven Security

Posted February 22, 2017 by Nicola (Nick) Sanna

Three things struck me most at this year's RSA Conference:

  1. It keeps growing: 45,000 people attended this year;
  2. The call for business-driven security; 
  3. The continued proliferation of specialized security offerings. 

What's Missing in the NACD Director's Cyber Risk Oversight Handbook

Posted January 19, 2017 by Nicola (Nick) Sanna

NACD updates its Cyber Security Handbook

On January 12th, 2017, the National Association of Corporate Directors (NACD) and the Internet Security Alliance (ISA) published an update to the NACD Director’s Handbook on Cyber-Risk Oversight (The Handbook).


Jumpstart Your Cyber Risk Quantification Program With New Customer Success Packages

Posted October 6, 2016 by Nicola (Nick) Sanna

Starting the Cyber Risk Quantification Journey

RiskLens prospects who conduct a pilot implementation of the Cyber Risk Quantification (CRQ) application experience firsthand the power of quantifiable risk analysis and data-driven decision making.


Adding Dollars and Cents to Your NIST CSF Reporting

Posted August 18, 2016 by Nicola (Nick) Sanna

Benefits and limitations of using NIST CSF for Board Reports


Why Businesses Need CISOs To Stop Playing Defense

Posted April 21, 2016 by Nicola (Nick) Sanna

Feeling like a hostage of security 

The head of a famous fashion retailer called me the other day and started complaining about the fact that his information security organization was stifling the progress of their business. "In our industry, time-to-market is very important. New fashion lines have to hit the market at the time when shoppers are looking for new apparel." He continued: "The information security team is blocking the launch of our new e-retail application on the basis that it is not secure enough."



Five Key Takeaways From Cyber Risk North America 2016

Posted March 17, 2016 by Nicola (Nick) Sanna

 
I just attended the Cyber Risk North America conference in New York. The themes covered at the conference were very thought-provoking and focused on where the profession is going next. The intimate format of the event allowed CISOs, technology and information risk officers, industry experts and specialized consultants to learn from one another and go in-depth.
 

What Most Organizations Are Assessing Is Not Risk

Posted February 24, 2016 by Nicola (Nick) Sanna

The importance of managing cybersecurity risk

Because organizations are so reliant on computing processes to run their business, the need to manage the associated risks has become critical. Several trends are driving the transition from technical, compliance-based approaches to cybersecurity to business-aligned, risk-based ones: 


RiskLens Sponsors the Creation of the FAIR Institute

Posted February 17, 2016 by Nicola (Nick) Sanna

FAIR Institute: the home of the FAIR community

We are happy to announce the creation of the FAIR Institute as an expert, non-profit organization where information risk officers and cybersecurity and business executives can meet to:

  • learn more about the FAIR risk standard and how to better manage risk from the business perspective
  • develop and share information risk management practices 
  • network with their peers and connect with FAIR experts

Who Are RiskLens' Customers?

Posted February 4, 2016 by Nicola (Nick) Sanna

"Who else is using RiskLens?" is a common question asked by prospects in search of market validation. They are very eager to move towards a risk-based approach to cybersecurity and hope that their organization can take full advantage of cyber risk quantification. A valuable step in the prospect's decision-making process is knowing which companies have already started this journey and learning from the experience of their peers.


What Sets RiskLens Apart From The Competition

Posted January 22, 2016 by Nicola (Nick) Sanna

We are frequently asked about what differentiates RiskLens from alternative approaches to assessing cyber risk. The following comparisons should help to clarify the important differences.

