Posted February 16, 2017 by Cody Whelan
In my last post, I discussed the importance of scoping in risk analysis.
Posted February 14, 2017 by Isaiah McGowan
It’s commonly accepted within the FAIR community that risk assessments should not sit on the shelf and collect dust; they should drive a decision or action.
Posted February 7, 2017 by Isaiah McGowan
Not a week went by in 2016 when I didn’t hear cybersecurity or operational risk leaders say something akin to, ‘I want to benchmark my risk against my peers’.
Posted February 6, 2017 by Jay Soni
The alarming proliferation of cyber-attacks on large organizations and governments across the globe has created a heightened state of awareness, which has spawned policymakers in Europe to draft and adopt new data protection regulations.
Posted February 2, 2017 by Tiziana Barrow
You may have been asked by your board, the CIO or the CISO to quantify cybersecurity risk to assess your top risks in financial terms (dollars and cents), prioritize your risk mitigations based on business impact and demonstrate the value that cybersecurity initiatives bring to your organization.
Posted February 1, 2017 by Chelsea Brunson & Jay Soni
We all know how Star Wars starts:
“A long time ago in a galaxy far, far away....”
It’s an intergalactic battle between good and evil.
Posted January 31, 2017 by Tim Wynkoop
There is some rumbling within the risk analysis industry regarding a shift from a Governance, Risk and Compliance (GRC) approach to more of an Integrated Risk Management (IRM) approach.
Posted January 27, 2017 by Cody Whelan
There is nothing finer than a well-constructed and thought-out risk scenario, bar none.
Posted January 24, 2017 by James Finn
San Francisco, here we come!
As the technical advisor of the FAIR Institute, several members of RiskLens' executive leadership will be in attendance at the FAIR Institute breakfast meeting in downtown San Francisco from 8-10 am on February 15, 2017.
Posted January 23, 2017 by Chad Weinman
“Measurements will be critical to ensure that cybersecurity receives proper consideration in a larger enterprise risk management discussion.” said Matt Barrett, NIST’s program manager for the Cybersecurity Framework.