Posted July 19, 2017 by Jeff B. Copeland
This is the year, 2017, that cyber threats broke down the boardroom door and confronted board directors with the ugly reality that cyber risk could quickly escalate to operational risk, market risk and even enterprise risk.
Posted July 18, 2017 by Jeff B. Copeland
At RiskLens, we’re all about defining and refining “risk” to laser focus on what can be measured (in meaningful ways), prioritized and ultimately managed. When we hear loose use of terminology in the risk field, our antennae go up.
Posted July 17, 2017 by Isaiah McGowan
“What should I measure first?”
I expect this seemingly innocuous question from any organization starting their journey towards cyber risk quantification. It’s the right first question. But, dwelling too long on the topic can result in pinning your program to the ground before you even turn on the thrusters.
Posted July 14, 2017 by Leanne Scott
Onboarding the RiskLens platform, learning the FAIR model that powers the application, and socializing your organization to think in terms of risk quantification -- it's a lot like a hike with a lofty goal. It’s one you can handle with a little stretching, some determination, some flexibility, and perhaps a little help from the park ranger. Once you’ve accomplished it, you're going to love the view from the top. And as they say, it’s all downhill from there.
Posted July 6, 2017 by Jeff B. Copeland
The recent Cyber Risk North America Conference, hosted by Risk.net, drew a high-level crowd of over 100 infosec professionals from banks, insurance companies, mutual funds, and other finance firms—and their regulatory agencies—for a two-day gathering in New York that was a great listening post to measure the state of play in financial services cybersecurity.
Posted June 30, 2017 by Jeff B. Copeland
A little more than a month after the WannaCry malware infected systems around the globe, a new ransomware epidemic locked screens this week, first in Ukraine, then the US, Russia, Germany, Australia and beyond.
Posted June 26, 2017 by Tyanna Smith
A RiskLens pilot is a consulting engagement and a small-scale implementation of the RiskLens software in your environment with your data to show the value of risk quantification.
Posted June 26, 2017 by Bryan Smith
Two weeks ago I had the pleasure of attending the Gartner Security & Risk Management Summit 2017. One theme in particular stood out to me:
Posted June 21, 2017 by Jeff B. Copeland
A new survey of cybersecurity officers finds that 73% have no way to calculate the financial impact of cyber attacks, and rely on their own estimates. And they’re bad at estimating.
Posted June 20, 2017 by Cody Whelan
In order to make risk analysis a sound, repeatable process, you need to have a series of steps or phases you follow time and time again. I’ve realized that many new to risk quantification, and even those with “mature” risk programs lack a structured approach to risk analysis.