Posted February 1, 2017 by Chelsea Brunson & Jay Soni
We all know how Star Wars starts:
“A long time ago in a galaxy far, far away....”
It’s an intergalactic battle between good and evil.
Posted January 31, 2017 by Tim Wynkoop
There is some rumbling within the risk analysis industry regarding a shift from a Governance, Risk and Compliance (GRC) approach to more of an Integrated Risk Management (IRM) approach.
Posted January 27, 2017 by Cody Whelan
There is nothing finer than a well-constructed and thought-out risk scenario, bar none.
Posted January 24, 2017 by James Finn
San Francisco, here we come!
As the technical advisor of the FAIR Institute, several members of RiskLens' executive leadership will be in attendance at the FAIR Institute breakfast meeting in downtown San Francisco from 8-10 am on February 15, 2017.
Posted January 23, 2017 by Chad Weinman
“Measurements will be critical to ensure that cybersecurity receives proper consideration in a larger enterprise risk management discussion.” said Matt Barrett, NIST’s program manager for the Cybersecurity Framework.
Posted January 19, 2017 by Tiziana Barrow
Our co-founder, Jack Jones, recently contributed an article to Dark Reading, titled “Cyberrisk Through A Business Lens”.
Posted January 19, 2017 by Nicola (Nick) Sanna
NACD updates its Cyber Security Handbook
On January 12th, 2017, the National Association of Corporate Directors (NACD) and the Internet Security Alliance (ISA) published an update to the NACD Director’s Handbook on Cyber-Risk Oversight (The Handbook).
Posted January 11, 2017 by Chelsea Brunson
“I want to quantify my cyber risk using the FAIR risk model. Now I need to make a decision: build a spreadsheet or use a commercially available software such as RiskLens.” Have you had this conversation with yourself?
Posted January 10, 2017 by Cody Whelan
From GRC to IRM
A shift, or something of a rebranding within the GRC space has been gathering steam over the past few months.
Posted January 9, 2017 by Isaiah McGowan
John Wheeler of Gartner penned a piece calling for an evolution from compliance-aware to risk-aware governance programs. What does that mean for the risk management programs of the world?