Articles tagged with: risk management

It’s time for a new cyber risk management model

An overwhelming attack surface, voluminous vulnerabilities, sophisticated threats, and new business requirements demand a new cyber risk management model.

The ins and outs of risk management

With technological advancements rapidly increasing over the past couple of years, it’s unsurprising that data breaches have slowly crept up the list of small business owners’ biggest fears. For an SME (small-to-medium enterprise) that may not have even considered the possibility of this issue, the consequences of a breach could, in some cases, be fatal to the business. So you can see why the thought of not having protection in place is a scary one. So with an ever-increasing need for better risk management, what do you really need to know?

4 Best Practices for Backing Up Endpoints in Your Business

Follow these critical steps to minimize threats to data in highly mobile environments.

The risk of data loss can keep any IT manager up at night. Disappearing data can cause major expense and even serious damage to the credibility of a business and significantly affect the productivity of individual employees and workgroups.

Risk Management: How to Prevent Costly Supply Chain Incidents

Preventable corporate scandals, as seen by headline events related to Pepsi, Wells Fargo, Volkswagen, Chipotle and Wendy’s, result from a variety of risk management failures across a variety of industries. Notable scandals include cybersecurity failures at retail organizations and restaurants, quality control issues at manufacturers, and ineffective asset management and access rights at financial institutions.

IT job profile: So you want be a CISO

Want to be a CISO? Chief Information Security Officer (CISO) is a coveted position in many IT organizations. The high demand for qualified CISOs leads to tremendous competition for capable candidates and correspondingly high salaries. But what’s the real deal behind the scenes? Do you have what it takes to serve in a CISO role? If not, what qualifications do you need before you can join the information security big leagues?

Sitting in an organization’s senior-most security chair requires a unique mixture of professional experience and educational background. The CISO position is a career capstone for some and a way station to the CIO chair for others. Either way, arriving at this destination requires careful career planning. Most CISOs don’t get there by accident.

Can You Measure Your Building’s Penetration Risk?

How can you measure your risk of unauthorized entry? Until now, it’s been virtually impossible. When it comes to security entrances, new analytics technologies (e.g. PSIM, IoT, etc.) are emerging, and it’s becoming possible to use technology, combined with people, to tap into security entrance metrics as part of an overall physical security strategy.

Measuring penetration risk is about prediction, and to accurately predict requires a reliable tailgating prevention strategy, otherwise any PSIM or other available analytical tool will fall short. In this article, we’ll talk about the challenges security professionals face related to penetration risk measurement; later, in a second article, we’ll demonstrate how a tailgating prevention strategy actually works and the metrics that can help predict your risk of penetration.

Mitigating internal risk: Three steps to educate employees

By Help Net Security on 20 December 2016

IT security is usually focused on how to prevent outsiders with malicious intent from causing harm to your IT systems and data. While this is a valid concern, people within organizations who simply do not understand the consequences of their everyday habits and behavior on company computers pose an equivalent if not greater risk.

Every person within a company that has access to information is a gateway for data exfiltration. This is why education for ALL employees that encourages following best practices for IT security safety is extremely important to implement within organizations. So where should you start? Take 3 easy steps.