RiskLens Blog

Cody Whelan

Cody Whelan is a Risk Consultant for RiskLens

Find me on:

Recent Posts

2 Tips for Smarter, Faster Risk Analysis

Posted September 22, 2017 by Cody Whelan

A common concern I hear from new RiskLens customers starting with cyber risk quantification, along with some executives of our existing customer base, is that the risk analysis process, more specifically data gathering, takes too long and is too burdensome on their resources.

... Continue Reading

4 Steps to a Smarter Risk Heat Map

Posted July 24, 2017 by Cody Whelan

The risk heat map. An industry staple for many years.  The standard 3x3, or 5x5 chart that has frequency on one axis, severity on the other, with colors ranging from green to red.  

... Continue Reading

In Quantitative Risk Analysis, Words Matter, Too

Posted July 10, 2017 by Cody Whelan

I’m one of the lucky members of the RiskLens Professional Services team who has the opportunity to deliver on-site training to new and existing customers.  Our training engagements are always interactive, informative, for both our clients and myself, and most importantly a fun time. 

... Continue Reading

The Risk Analysis Process at RiskLens

Posted June 20, 2017 by Cody Whelan

In order to make risk analysis a sound, repeatable process, you need to have a series of steps or phases you follow time and time again.  I’ve realized that many new to risk quantification, and even those with “mature” risk programs lack a structured approach to risk analysis. 

... Continue Reading

How I Analyzed the Top 10 Cybersecurity Risks for a Financial Institution (a Deep Dive)

Posted May 19, 2017 by Cody Whelan

For a few weeks now in blog posts, I’ve referenced the Top 10 cybersecurity risk analysis I conducted with RiskLens for a financial institution customer (see In a Top 10 Risks Analysis, Get These Two Factors Right).  Now that anticipation is at a peak, I figured I would provide my overview, along with some key insights to each risk-analysis scenario.  

... Continue Reading

In a Top-10 Risks Analysis, Get These 2 Factors Right

Posted May 2, 2017 by Cody Whelan

I just wrapped an engagement analyzing a bank’s top 10 risks with RiskLens, and the results were surprising: One of the risks the bank’s infosecurity team most feared turned out to be not much of a concern while another risk that was flying under their radar in fact had the potential to do them serious harm.

... Continue Reading

Case Study: Data Walking Out the Door. Data Masking Worth It?

Posted March 17, 2017 by Cody Whelan

The CISO knew he had a data leak but he didn’t know how big. He suspected data masking was the solution but he couldn’t make a business case for the investment. Those were the problems RiskLens Risk Consultant Cody Whelan and team set out to solve for this client. (No company names here; we respect our clients’ privacy.) 

Read Cody’s notes to pick up the story:

... Continue Reading

How to Get Better Risk Analysis Results by Focusing on Probability vs Possibility

Posted February 27, 2017 by Cody Whelan

Trench warfare on the risk analysis front

I am ashamed to admit it, but it’s happened to me before.

... Continue Reading

Assumptions Are A Powerful Thing

Posted February 16, 2017 by Cody Whelan

In my last post, I discussed the importance of scoping in risk analysis.

... Continue Reading

How To Scope A Risk Analysis Using FAIR

Posted January 27, 2017 by Cody Whelan

There is nothing finer than a well-constructed and thought-out risk scenario, bar none.

... Continue Reading

Sign Up for Blog Updates