Posted June 28, 2018 by Jeff B. CopelandGive us 54 minutes for this recorded webinar right now and two of our most efficient explainers of cyber risk quantification will walk you through the driving forces that are revolutionizing the way that cyber risk is measured and managed.
Posted June 22, 2018 by Jeff B. CopelandIn an article for GCN, “Real Cyber Hygiene Depends on Risk Assessment, Not Compliance,” RiskLens CEO Nick Sanna argues that the Cyber Hygiene report card issued to federal agencies by the Department of Homeland Security’s US-CERT falls short. It’s a technical vulnerability scan, not an actual risk analysis generating the most relevant information that decision-makers need, Nick writes.
Posted June 21, 2018 by Jeff B. CopelandMaps → GPS. Flip-phones → iPhones. Qualitative cyber risk assessment → Quantitative cyber risk assessment. See a pattern here? There come inflection points when we realize that tools we once had to work with were inadequate in ways we could never have imagined.
Posted June 13, 2018 by Jeff B. CopelandThe access process for the service portal of a global technology manufacturing company had a serious flaw. Once in the portal, anyone could get in and download the materials they needed to compete with the technology company’s authorized partners to service its products.
Posted May 31, 2018 by Jeff B. CopelandSurveys of corporate directors consistently show that boards aren’t satisfied with reporting from chief information security officers and rank them at the bottom in management for communication skills. At the recent Cyber Balance Sheet summit in New York, that disconnect was clearly on display
Posted May 29, 2018 by Jeff B. CopelandTwo recent surveys of public company corporate directors – by PwC and Corporate Board Member Magazine/Spencer Stuart--found considerable worry about cyber risk and dissatisfaction with management reporting on cybersecurity.
Posted May 24, 2018 by Jeff B. CopelandWe’re into continuous improvement based on user feedback around here, and the latest iterations from our product workshop are all about adding the flexibility we know customers want to fine tune their analyses for the sharpest possible picture of cyber risk. Here are some of the latest features for the RiskLens quantitative analysis platform:
Posted May 24, 2018 by Jeff B. CopelandThe leading organization for information security training, the SANS Institute, is offering a four-day intensive training course, Measuring and Managing Cyber Risk Using FAIR, September 10-13, 2018, in Baltimore.
Posted May 21, 2018 by Jeff B. CopelandA financial services company suspected it was suffering “death by a thousand cuts” from data leaks due to employees accidentally emailing out customer-sensitive information.
Posted May 18, 2018 by Jeff B. CopelandWe recently spotted this tweet from a cyber risk professional attending a security conference, listening to a panel of CISOs and CTOs speak: “Kinda like a (music) conductor who tells all the other conductors that nobody comes to his shows because the public just doesn’t understand music