New Year, New You: 7 Resolutions for InfoSecurity and Risk Professionals

December 9, 2019  Jeff B. Copeland

If there’s one thing we learn (and re-learn) every January from reading all those lifestyle-advice magazines, it’s that New Year’s resolutions have to be “realistic” and “attainable” and “based on a hard look at where you currently stand”.

So we put together this list of goals--and guides on how to achieve them--that we think will benefit your professional life in information security or risk management at least as much as a new gym membership will benefit your personal life. Or probably more, since we’re pretty sure you’ll stick with these goals, once you see how they simplify and rationalize your work.

1. Raise Your Personal Bar for What’s Attainable in Risk Measurement

You may recognize yourself in this portrayal of risk managers who know they’re not doing right by their organizations because they’re not aiming high enough and not delivering risk reporting that meets the demands of management for actionable information in financial terms. You can do better, and this guide points the way.

Guide: Stop Settling for Less in Risk Analysis

2. Learn a New Vocabulary

This is the next step beyond Resolution #1 – how to align your risk management with the broader goals of the business.

Guide: Too Many CISOs and Technology Risk Executives Miss the Big Picture

3. Brush Up Your Interpersonal Skills

No matter what you want to achieve this year in risk management, it will take a small village radiating out from your immediate team, perhaps all the way up to the board of directors. This guide covers how to introduce quantitative risk analysis to an organization, but it’s really a manual for how to persuade or influence those around you to change.

Guide: ‘Soft Skills’ for a Successful FAIR Program Launch

4. Clean Up Those Bad Habits

Easy to do – but empty calories, so to speak. We’re talking about assigning risks red-amber-green ratings and placing them on a heat map based on guesswork. And we’re talking about dumping every issue into a risk register whether it’s really a risk or not. Read these guides for a fresh start on using these common tools.

Guides: 4 Steps to a Smarter Risk Heat Map

How to Unscramble Your Risk Register with FAIR

5. Take Our Online and Video FAIR Training Course

If you haven’t learned the FAIR approach to risk, this is your year. The FAIR Analysis Fundamentals course, taught by RiskLens Academy, will change your outlook on risk and your career.

Guide: FAIR Training and Certification

6. Go for Some Quick Victories

If you’re ready to start risk quantification, here’s the complete list of first projects we’ve seen RiskLens customers succeed at, showing instant value to their organizations.

Guide: 4 Successful Starter Projects with RiskLens (and 3 More to Do Next)

7. Expand Your Horizons on Risk – Read These Books

From Superforecasting to Thinking Fast and Slow and many more titles, conquer this reading list by the end of the year for a bigger and more inspiring sense of your profession.

Guides: 5 Must Read Books to Jumpstart Your Career in Risk Management

3 More Must-Read Books to Jumpstart Your Career in Risk Management