Blog Posts Tagged with "Risk"

D39e8a0d81c2a146f879631550fb065b

GRC: Going Beyond the Acronym

March 10, 2017 Added by:Corey Wilburn

An effective GRC disciple requires a company-wide buy-in. The easier you make it for your colleagues, the easier you make it for yourself.

Comments  (0)

Ffc4103a877b409fd8d6da8f854f617e

Key Risk Management Issues For 2016

January 13, 2016 Added by:InfosecIsland News

Chief risk officers (CRO) will need to keep close watch on a number of strategic, operational, and external risks this year. Effective risk management and mitigation will be critical, since companies' strategies, business models, operations, reputations, and, ultimately, survival are on the line.

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

The Technical Limitations of Lloyd’s Cyber Report on the Insurance Implications of Cyberattack on the US Grid

July 31, 2015 Added by:Joe Weiss

The recent Lloyd’s report on cyber implications of the electric grid serves an important need to understand the insurance implications of a cyber attack against the electric grid. Unfortunately, I believe the technical aspects of the hypothesized attack in the Lloyd’s study are too flawed to be used.

Comments  (0)

0356a83ecb15c8e33b00560d7bebe47f

Some Simple Definitions for Risk and Security Discussions

September 19, 2012 Added by:Stephen Marchewitz

Every time I read something regarding the core terminology in security and risk management, I start to question whether they really know what they’re talking about. Even worse, some speak with so many words and such arrogance, I start question whether I know what I’m talking about...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

Compliance: Know Who You Are Doing Business With

May 06, 2011 Added by:Thomas Fox

Both risk and compliance are converging. Your company should review its compliance program in these three areas to determine if any of its business relationships are on the lists set out in this article. Not only does it make business sense, but it may keep you out of regulatory scrutiny..

Comments  (0)

67a9d83011f3fbb2cf8503aff453cc24

Information Security Risk Management Programs Part 3

April 21, 2011 Added by:kapil assudani

Business use cases must be consumed by the IT group to build functional/non-functional requirements. Security mis-use cases in their remediated language turn into functional/non-functional requirements. If security is engaged - we translate them into detailed technical requirements...

Comments  (0)

6429389c5e8a4c9555be876f8484331a

Web Application Security: Minimizing the Risk of Attacks

April 19, 2011 Added by:Sasha Nunke

Vulnerabilities in web applications are now the largest source of enterprise security attacks. Web application vulnerabilities accounted for over 55% of all vulnerabilities disclosed in 2010, according to an IBM X-Force study. That may be the tip of the iceberg...

Comments  (0)

67a9d83011f3fbb2cf8503aff453cc24

Information Security Risk Management Programs Part Two

April 18, 2011 Added by:kapil assudani

In many companies, the culture is to embrace security only where it is absolutely necessary, and this usually comes through corporate security policies and industry regulations. Beyond these, security groups hardly have any teeth - unless its a critical security issue...

Comments  (0)

1789975b05c7c71e14278df690cabf26

The "Lots of Sex" Risk and Security Project

March 16, 2011 Added by:Pete Herzog

Routines make us predictable which, becomes our flaw. The problem with "patching" these flaws is that they are design features which are the product of being human. In addressing those flaws we will also ruin many of the good things about people which make them creative, social, and productive...

Comments  (8)