RiskLens Blog

Avoiding Garbage In/Garbage Out in Cyber Risk Measurement

Posted August 24, 2017 by Tim Wynkoop

At RiskLens, we figure risk as the probable frequency and probable magnitude of a future loss – in other words, how often losses are likely to happen and how much loss is likely to result. 

... Continue Reading

Evolve Your Organization to Cyber Risk Economics: A Mini-Guide

Posted August 24, 2017 by Jeff B. Copeland

You’ve learned about the FAIR model and its highly practical and productive way of analyzing risk and now you can never look at a risk heat map without seeing all the guesswork that went into it.  

You’d like to bring risk quantification (and a more business-driven approach to risk in general) to your organization.

... Continue Reading

4 Successful Starter Projects with RiskLens (and 3 More to Do Next)

Posted August 23, 2017 by Leanne Scott

A question that we often see new RiskLens customers struggle with is, “where do we start analyzing risk?” The possibilities seem endless. 

... Continue Reading

To Make Your Risk Management Program Fly, First Fix Your Language

Posted August 17, 2017 by Rebecca Merritt

In 1999, NASA lost its $125-million Mars Climate Orbiter because the navigation team used the metric system to operate the spacecraft while the manufacturer had set it up to run on the English inches/feet/pounds system. "It is going to be the cautionary tale until the end of time,” a leading scientist said back then.

... Continue Reading

Join Us at The FAIR Conference in October

Posted August 14, 2017 by Jeff B. Copeland

RiskLens invites you to two days of immersion in the most advanced thinking on risk management, at a limited-attendance event with some of the smartest folks in information security: The FAIR Conference 2017, October 16-17 in Dallas.

... Continue Reading

Risk News & Trends: Risk Analysis of Your Boss; Insider Threat Survey; FAIR for Banks

Posted August 11, 2017 by Jeff B. Copeland

What we’re reading this week from the world of technology and operational risk management...  

... Continue Reading

Present Cyber Risk Reports to the Board that Spock Would Approve

Posted August 9, 2017 by Chelsea Brunson

You’re a CISO who’s prepared hard for your cybersecurity Board presentation, covering the company’s Top 10 Risks. To make the stakes higher, it’s annual budget time. You enter the boardroom, PowerPoint under control (you think), and are introduced to the new member of the Board.

... Continue Reading

Hire a CISO Quick. New York Cybersecurity Regulations Deadline Coming.

Posted August 9, 2017 by Jeff B. Copeland

August 28 is the first of the rolling deadlines to comply with the New York Department of Financial Services (DFS) new and far-reaching cybersecurity regulations for companies licensed under the state’s banking, insurance and financial services laws. 

... Continue Reading

Risk News & Trends: Disclosures Go Up; Petya Bites Profits; Cut Your Breach Costs

Posted August 4, 2017 by Jeff B. Copeland

What we’re reading this week from the world of technology and operational risk management...  

... Continue Reading

How to Ensure Your IT Risk Committee Speaks the Same Language

Posted August 4, 2017 by Jeff B. Copeland

Many large organizations have an Enterprise Risk Committee or Operational Risk Committee looking out broadly over the risk landscape. But forward-thinking organizations also empower an IT Risk Committee (reporting to either of those super committees).

... Continue Reading

Sign Up for Blog Updates