Posted April 11, 2017 by Tim Wynkoop
Here’s something I’ve learned using the FAIR model (and the RiskLens application) to help companies understand and measure their cyber risks: A successful risk analysis depends not just on software but the soft skills of clear thinking and clear communication.
Posted April 7, 2017 by Kristel Libres
Identifying your critical risk scenarios is one of the most important and difficult elements of assessing risk. Companies are often not properly prioritizing the risk they face and are unable to express a range of outcomes that could result.
Posted April 5, 2017 by Isaiah McGowan
With budget tight, an IT services firm faced some difficult choices: which of two competing cybersecurity solutions would deliver the maximum defense for the bucks and – bigger picture – which way to go on their security strategy. The company called in a RiskLens team led by Senior Risk Consultant Isaiah McGowan.
Posted March 31, 2017 by Chad Weinman
One of the stages of a risk management program is Risk Identification – quite self-explanatory in definition. But the challenge comes down to how to do it.
Posted March 29, 2017 by Steve Tabacek
Henry Ford once said, “If I asked customers what they wanted, they would have said a faster horse.” He instead went deeper and focused on understanding what job the customer was trying to do: Get from point A to point B safely and in the shortest period of time.
Posted March 22, 2017 by RiskLens Staff
FAIR Institute Chairman Jack Jones speaks at InfoSecWorld in Orlando, Thursday, April 6, on the Risk Management Summit panel.
Posted March 21, 2017 by Jeff B. Copeland
If you’re about to order a new endpoint security system just because you think you
should have the latest technology—stop, step back from the phone, and consider the advice given at a recent panel at the Dark Reading CyberSecurity virtual conference: Measure your risk so you truly understand your needs.
Posted March 17, 2017 by Cody Whelan
The CISO knew he had a data leak but he didn’t know how big. He suspected data masking was the solution but he couldn’t make a business case for the investment. Those were the problems RiskLens Risk Consultant Cody Whelan and team set out to solve for this client. (No company names here; we respect our clients’ privacy.)
Read Cody’s notes to pick up the story:
Posted March 6, 2017 by Jeff B. Copeland
In this short video, Jack Jones tackles one of the biggest challenges for information security practitioners: Putting a value on the company assets they protect.
Posted March 2, 2017 by Paige Pilarski
The New York Department of Financial Services (DFS) made effective on March 1st, 2017 new cybersecurity regulations which will affect the banking, insurance, and financial services organizations it regulates.