RiskLens Blog

RiskLens CEO in ‘Security Week’ on How CISOs Can Demonstrate Business Value

Posted January 29, 2019 by Jeff B. Copeland

If you’re a CISO who sees your role as “keep the business secure” – you’re only partly right, RiskLens CEO Nick Sanna argues in an article just published by Security Week. ... Continue Reading

Wall St. Journal: One Year Out, "Uneven" Response to SEC Cybersecurity Guidance

Posted January 28, 2019 by Jeff B. Copeland

It’s been nearly a year since the Securities and Exchange Commission (SEC) issued its “Guidance on Public Company Cybersecurity Disclosures” that shook up cyber risk reporting for US public companies.  ... Continue Reading

Build Your Career in Risk - Get FAIR-Trained in 2019

Posted January 25, 2019 by David Musselwhite

In 2018, the RiskLens Academy provided FAIR education to more people than ever before. More than 600 learners participated in our live or online FAIR Analysis Fundamentals and FAIR Analyst Learning Path courses. ... Continue Reading

Jack Jones’ Solution to the Cybersecurity Skills Shortage: Prioritize

Posted January 23, 2019 by Jeff B. Copeland

Finally, a fresh perspective on the shortage in cybersecurity personnel that’s not about a) handwringing, b) more investment in university programs or c) more investment in AI or other advanced technologies. ... Continue Reading

Cyber Risk Tops 2019 Worries for Business, Say Conference Board, World Economic Forum

Posted January 22, 2019 by Jeff B. Copeland

Two authoritative surveys of senior corporate leaders on the outlook for 2019 put cyber risk at the top of their list of worries, right up there with recession and climate disasters. ... Continue Reading

Case Study: Evaluating ROI of Data Loss Prevention Controls

Posted January 18, 2019 by Taylor Maze

Sometimes, the hardest part of risk management is identifying the areas of weakness within your environment. I would argue, however, that more often than not, the more difficult undertaking is deciding how to address said weaknesses. ... Continue Reading

Three “Surprises” from a FAIR Cyber Risk Analysis

Posted January 17, 2019 by Brock Krawczun

We recently conducted an engagement with a bank analyzing the risk associated with wire fraud. The outcome surprised some of the team who went through the process. One of the biggest overall findings was that the loss exposure was significantly less than expected ... Continue Reading

Wall St. Journal on Proving Business Value in Cybersecurity to Boards

Posted January 15, 2019 by Jeff B. Copeland

In a new article for the Wall Street Journal's WSJ Pro Cybersecurity newsletter, Kim S. Nash writes that “Corporate security leaders often fight a perception among other senior leaders that cybersecurity efforts bring costs without quantifiable returns. ... Continue Reading

New Report Makes Strong Case for Risk-Based Approach to Cybersecurity by Boards

Posted January 11, 2019 by Jeff B. Copeland

The Advanced Cyber Security Center is just out with a study on Leveraging Board Governance for Cybersecurity that makes a strong case, and lays out some specific recommendations, for boards to demand cyber risk analytics—not operational checklists—as a basis for board oversight on cybersecurity.   ... Continue Reading

One CISO's Tips on Running a Cybersecurity Program with NIST CSF and FAIR

Posted January 9, 2019 by Jeff B. Copeland

Ian Amit faces a complex management problem as Chief Security Officer at Cimpress, the parent company for multiple independent businesses: Each unit chooses and operates its own technical stack and security and risk management in a “shared security responsibility” model. How to lead from behind? ... Continue Reading

Sign Up for Blog Updates

Popular Posts