RiskLens Blog

Don't Speak Wookiee to the Board

Posted February 1, 2017 by Chelsea Brunson & Jay Soni

We all know how Star Wars starts:

“A long time ago in a galaxy far, far away....”

It’s an intergalactic battle between good and evil.

Communicating Risk Beyond GRC

Posted January 31, 2017 by Tim Wynkoop

There is some rumbling within the risk analysis industry regarding a shift from a Governance, Risk and Compliance (GRC) approach to more of an Integrated Risk Management (IRM) approach.

How To Scope A Risk Analysis Using FAIR

Posted January 27, 2017 by Cody Whelan

There is nothing finer than a well-constructed and thought-out risk scenario, bar none.

RiskLens Co-Founder Jack Jones To Keynote FAIR Institute San Fran Breakfast on Feb 15, 2017

Posted January 24, 2017 by James Finn

San Francisco, here we come!

As the technical advisor of the FAIR Institute, RiskLens will have several members of its executive leadership in attendance at the FAIR Institute breakfast meeting in downtown San Francisco from 8-10 am on February 15, 2017.

A Risk Analyst's Perspective on the NIST CSF 1.1 Draft Update

Posted January 23, 2017 by Chad Weinman

“Measurements will be critical to ensure that cybersecurity receives proper consideration in a larger enterprise risk management discussion,” said Matt Barrett, NIST’s program manager for the Cybersecurity Framework.

Cyber Risk Nomenclature, The Source Of Much Confusion

Posted January 19, 2017 by Tiziana Barrow

Our co-founder, Jack Jones, recently contributed an article to Dark Reading, titled “Cyberrisk Through A Business Lens”.

What's Missing in the NACD Director's Cyber Risk Oversight Handbook

Posted January 19, 2017 by Nicola (Nick) Sanna

NACD updates its Cyber Security Handbook

On January 12th, 2017, the National Association of Corporate Directors (NACD) and the Internet Security Alliance (ISA) published an update to the NACD Director’s Handbook on Cyber-Risk Oversight (The Handbook).

Cyber Risk Quantification: Ditch The Spreadsheet And Take A Seat At The Business Table

Posted January 11, 2017 by Chelsea Brunson

“I want to quantify my cyber risk using the FAIR risk model. Now I need to make a decision: build a spreadsheet or use a commercially available software such as RiskLens.” Have you had this conversation with yourself?

Demanding More of IRM: Risk Assessments

Posted January 10, 2017 by Cody Whelan

From GRC to IRM

A shift, or something of a rebranding, within the GRC space has been gathering steam over the past few months.

What Does a Gartner Shift From GRC to IRM Mean for Risk Management Programs?

Posted January 9, 2017 by Isaiah McGowan

John Wheeler of Gartner penned a piece calling for an evolution from compliance-aware to risk-aware governance programs. What does that mean for the risk management programs of the world?
