RiskLens Blog

What Does a Gartner Shift From GRC to IRM Mean for Risk Management Programs?

Posted February 22, 2019 by Isaiah McGowan

John Wheeler, lead analyst at Gartner for integrated risk management (IRM) solutions, penned a piece calling for an evolution from compliance-aware to risk-aware governance programs. What does that mean for the risk management programs of the world? ... Continue Reading

Survey: Tell Us How the RiskLens Blog Could Best Meet Your Needs

Posted February 21, 2019 by Jeff B. Copeland

Please take two minutes for a short survey on the topics you'd like to see covered by the RiskLens blog that would most help you advance your knowledge and skills ... Continue Reading

See You at RSA Conference 2019!

Posted February 20, 2019 by Jeff B. Copeland

Going to RSA Conference 2019, March 4 to 8 in San Francisco? Of course you are – it’s the cybersecurity industry event of the year – and so will the RiskLens crew, including CEO Nick Sanna, President Steve Tabacek and Chief Risk Scientist Jack Jones ... Continue Reading

3 Key Competencies for a Successful IT Risk Program

Posted February 19, 2019 by Jeff B. Copeland

The FAIR model (the engine powering the RiskLens cyber risk quantification platform) is a disciplined approach to cyber risk analysis that eliminates the guesswork – and the red-yellow-green color coding – from risk reporting and sets up IT risk analysts to deliver the kind of financially based analyses that the rest of the business wants to see. ... Continue Reading

Wall St. Journal Asks: What’s the Magic Number for Cybersecurity Budget? We Have an Answer

Posted February 8, 2019 by Jeff B. Copeland

In an article, “Looking for a Magic Number”, Kim S. Nash of The Wall Street Journal’s WSJ Pro Cybersecurity newsletter (subscription required) writes that “everyone wants a gauge but none exists” to set a cybersecurity program budget. ... Continue Reading

RiskLens CEO in ‘Security Week’ on How CISOs Can Demonstrate Business Value

Posted January 29, 2019 by Jeff B. Copeland

If you’re a CISO who sees your role as “keep the business secure” – you’re only partly right, RiskLens CEO Nick Sanna argues in an article just published by Security Week. ... Continue Reading

Wall St. Journal: One Year Out, "Uneven" Response to SEC Cybersecurity Guidance

Posted January 28, 2019 by Jeff B. Copeland

It’s been nearly a year since the Securities and Exchange Commission (SEC) issued its “Guidance on Public Company Cybersecurity Disclosures” that shook up cyber risk reporting for US public companies. ... Continue Reading

Cyber Risk Tops 2019 Worries for Business, Say Conference Board, World Economic Forum

Posted January 22, 2019 by Jeff B. Copeland

Two authoritative surveys of senior corporate leaders on the outlook for 2019 put cyber risk at the top of their list of worries, right up there with recession and climate disasters. ... Continue Reading

Wall St. Journal on Proving Business Value in Cybersecurity to Boards

Posted January 15, 2019 by Jeff B. Copeland

In a new article for the Wall Street Journal's WSJ Pro Cybersecurity newsletter, Kim S. Nash writes that “Corporate security leaders often fight a perception among other senior leaders that cybersecurity efforts bring costs without quantifiable returns. ... Continue Reading

New Report Makes Strong Case for Risk-Based Approach to Cybersecurity by Boards

Posted January 11, 2019 by Jeff B. Copeland

The Advanced Cyber Security Center is just out with a study on Leveraging Board Governance for Cybersecurity that makes a strong case, and lays out some specific recommendations, for boards to demand cyber risk analytics, not operational checklists, as a basis for board oversight on cybersecurity. ... Continue Reading
