Posted February 22, 2017 by Nicola (Nick) Sanna
Three things struck me most at this year's RSA Conference:
Posted January 19, 2017 by Nicola (Nick) Sanna
NACD updates its Cyber Security Handbook
On January 12th, 2017, the National Association of Corporate Directors (NACD) and the Internet Security Alliance (ISA) published an update to the NACD Director’s Handbook on Cyber-Risk Oversight (The Handbook).
Posted August 18, 2016 by Nicola (Nick) Sanna
Benefits and limitations of using NIST CSF for Board Reports
Posted April 21, 2016 by Nicola (Nick) Sanna
Feeling like a hostage of security
The head of a famous fashion retailer called me the other day and started complaining that his information security organization was stifling the progress of the business. "In our industry, time-to-market is very important. New fashion lines have to hit the market at the time when shoppers are looking for new apparel." He continued: "The information security team is blocking the launch of our new e-retail application on the basis that it is not secure enough."
Posted March 17, 2016 by Nicola (Nick) Sanna
Posted February 24, 2016 by Nicola (Nick) Sanna
The importance of managing cybersecurity risk
Because organizations are so reliant on computing processes to run their business, the need to manage the associated risks has become critical. Several trends are driving the transition from technical, compliance-based approaches to cybersecurity to business-aligned, risk-based ones:
Posted February 17, 2016 by Nicola (Nick) Sanna
FAIR Institute: the home of the FAIR community
We are happy to announce the creation of the FAIR Institute as an expert, non-profit organization where information risk officers and cybersecurity and business executives can meet to:
Posted February 4, 2016 by Nicola (Nick) Sanna
"Who else is using RiskLens?" is a common question asked by prospects in search of market validation. They are very eager to move towards a risk-based approach to cybersecurity and hope that their organization can take full advantage of cyber risk quantification. A valuable step in the prospect's decision-making process is knowing which companies have already started this journey and learning from the experience of their peers.
Posted January 22, 2016 by Nicola (Nick) Sanna
We are frequently asked what differentiates RiskLens from alternative approaches to assessing cyber risk. The following comparisons should help clarify the important differences.