Blog
Page 38 of 153
What a Cybersecurity Risk Management Process Entails
Organizations today are at greater risk of a cyberattack than ever before, and that risk will only grow as new technologies keep emerging in the future. That means an ever greater need for cybersecurity risk management — that is, the process of identifying, analyzing, prioritizing, and mitigating your organization’s cybersecurity risks. Ideally, your cybersecurity risk […]
September 9, 2023
Third Party Vendor Management Audit Program
A third-party vendor management audit program requires continuous review of cybersecurity risk and mitigation strategies.
Tags: Third-Party Management
The Statistical Analysis of Measuring Cybersecurity Risk
Businesses are more at risk of cyber attacks than ever before. Calculating that risk, however, can be a challenging task. In this post we will provide an overview of traditional calculation methods and explore the future of measuring cybersecurity risk: statistical analysis. The cost of a cyberattack can be painfully high, sometimes high enough to […]
Tags: Risk Management
September 1, 2023
Continuous Auditing vs. Continuous Monitoring
Continuous monitoring complements continuous auditing to provide proof of a security-first approach to cybersecurity and prove governance.
Tags: Audit Management
What is a Risk Assessment Matrix?
A risk assessment matrix is an important part of the risk management process. When managing risk, organizations must set objectives, catalog assets, define different risks, assess those risks, develop risk tolerance levels, and find ways to mitigate risks. The risk matrix is a visual representation of the risk analysis. It maps the risks on a […]
Tags: Risk Management
August 25, 2023
Most Efficient Techniques for Quantifying Risks
With so many threats facing modern companies, knowing which threats to address first can be challenging. Risk quantification is a technique that assigns a numerical value to threats, so you can prioritize issues that are most likely to occur or cause the most significant harm. This method does not work for all cyber attacks. Quantifiable […]
How to Conduct a Vulnerability Assessment
Repairing a weakness in your IT environment is always easier than dealing with the consequences of that weakness — like, say, a massive data breach — sometime later. This means your security team must be proficient at finding those weaknesses and assessing your IT environment’s vulnerabilities. Those vulnerabilities can include weak passwords, poor patch management, […]
Tags: Cybersecurity
Rob Ellis Named Acting Chief Executive Officer of RiskOptics
Ellis to drive continued growth and customer success for GRC and cyber risk software leader San Francisco, CA – August 24, 2023 – RiskOptics (formerly Reciprocity), a leader in governance, information security risk and compliance, has named Rob Ellis Acting Chief Executive Officer, effective immediately. Ellis was one of RiskOptics’ first hires; he ran GTM […]
August 23, 2023
Cyber Insurance 101: 5 Things Senior Management Needs to Know
With ransomware attacks and malware attacks on the rise, cyberinsurance is more than a buzzword. Before purchasing, you need to know a few things.
Tags: Insurance, Risk Management
August 18, 2023
NIST CSF Categories and Cybersecurity Framework Tiers (Updated 2023)
One of the most useful and versatile frameworks to help organizations manage cybersecurity risk is the Cybersecurity Framework (CSF) from the National Institute of Standards and Technology (NIST). The CSF consists of best practices, standards, and guidelines to manage cybersecurity program risk. They provide a baseline to build your risk management protocols. This voluntary framework […]
Tags: Cybersecurity, NIST
Page 38 of 153