Posted September 20, 2018 by Jeff B. Copeland
A study by Kaspersky Lab on data protection for personally identifiable information uncovered a new insight into the cost of data breaches: In almost one-third of the breaches studied, someone lost a job in the aftermath.

Posted September 18, 2018 by Jeff B. Copeland
RiskLens CEO Nick Sanna has a bad news/good news message for CISOs, just published on the SecurityWeek website: Expectations for CISOs Have Changed.

Posted September 5, 2018 by Jeff B. Copeland
In a new article on Homeland Security Today, Jack Jones critiques the government’s push for better cyber risk management of federal networks and critical infrastructure, kicked off by last year’s presidential Executive Order, with the advice of the mysterious smiling cat

Posted August 30, 2018 by Jeff B. Copeland
Listen (on demand) to this webinar, led by veteran RiskLens risk consultant Rachel Slabotsky, for a quick, high-level introduction to the FAIR model for cyber risk quantification, along with a look at some use cases for the RiskLens application that solve the problems we most often hear about from clients.

Posted August 28, 2018 by Jeff B. Copeland
In a new article on the SecurityWeek website, Cyber Risk = Business Risk. Time for the Business-Aligned CISO, RiskLens CEO Nick Sanna writes that this era of heightened awareness of cybersecurity should be a great opportunity for CISOs to command the attention of top brass but “it’s also a challenge that many infosec pros won’t be prepared for.”

Posted August 23, 2018 by Jeff B. Copeland
In the National Association of Corporate Directors’ recent members survey, 22 percent of those responding were “dissatisfied” or “very dissatisfied” with the quality of cybersecurity reporting they received. Of the very dissatisfied, 44% complained that management “doesn’t provide enough transparency into problems.”

Posted August 20, 2018 by Jeff B. Copeland
The Institute behind the FAIR model (that’s Factor Analysis of Information Risk) that RiskLens supports as a Technical Advisor recently passed two milestones that confirm the growing movement to quantitative risk analysis and FAIR, the only international standard for quantification of information security and operational risk.

Posted August 7, 2018 by Jeff B. Copeland
If you’re looking for a no-prerequisites introduction to the FAIR model for cyber risk analysis and the RiskLens application for cyber risk quantification that runs on FAIR, take under an hour to listen to Cary Wise, our risk consultant and veteran of introducing FAIR to a long list of businesses like yours.

Posted July 31, 2018 by Jeff B. Copeland
The influential International Standards Organization (ISO) updated its standard for risk management, ISO 31000, earlier this year, to make it “clearer, shorter and more concise,” the ISO said.

Posted July 31, 2018 by Jeff B. Copeland
The 2017 Enterprise Risk Management Benchmark Survey by The Risk Management Society (RIMS) found that 73% of organizations surveyed across 14 industries report “either having fully or partially integrated ERM programs in operation” and 61% said that ERM informs and influences their corporate strategies. The driver is the increasing interdependence of risks facing enterprises.