Risk Management Archives

Cyber Security Risks: The Changing Risk and Liability Landscape

InfoSecurity, Risk Management, UncategorizedFebruary 6, 2019291Views 0Likes 0Comments

Cyberrisks are fast-evolving, posing an ever-changing threat to businesses. Five years ago cyber security risks ranked at number 15 for most important peril. According to the annual Allianz Risk Barometer cyber security risks is now the second most important peril globally today. But some of these risks remain underestimated, and negligence scenarios are also increasing.…

enterprise-security-risk-management-concepts-applications-esrm-book-rothstein-publishing

Enterprise Security Risk Management Concepts Can Help Your Business

Risk ManagementFebruary 5, 2019327Views 0Likes 0Comments

How Can Enterprise Security Risk Management (ESRM) Help Your Security Program?

Find out now with your FREE Chapter!

You will further:

Explore how security has traditionally been viewed both inside and outside of the security profession.
Understand how Enterprise Security Risk Management can change the perception of security in your business organization to help you better communicate the value of security risk management.
See how ESRM is your best methodology to meet the changing global security risk climate.

hack-the-vote-cyberrisks-election-infrastrructure-rothstein-publishing

Hack the Vote 2: Cyberrisks to Election Infrastructure

Risk ManagementOctober 16, 2018315Views 0Likes 0Comments

In October 2016, the Risk Management cover story “Hack the Vote: Cyberrisk at the Ballot Box” highlighted many of the vulnerabilities in America’s election infrastructure. Continuing investigation in the wake of that election has made the stakes clearer than ever. Two years later, many of the vulnerabilities still remain, and many of the threats are…

BCI Manifesto for Organizational Resilience

Business Continuity, Risk ManagementJune 24, 2018290Views 0Likes 0Comments

The world is an ever-changing landscape in terms of risk, and as these changes happen, the business continuity and resilience industry must evolve. The BCI is proud to be a part of this evolution and we are releasing our Manifesto for Organizational Resilience during Business Continuity Awareness Week (BCAW) 2018. The manifesto positions us within the organizational resilience sphere; not as the ‘know-all’ organization, but as a central point for collaboration across all management disciplines.

BCI Manifesto for Organizational Resilience

Business Continuity, Risk ManagementMay 15, 2018264Views 0Likes 0Comments

The world is an ever-changing landscape in terms of risk, and as these changes happen, the business continuity and resilience industry must evolve. The BCI is proud to be a part of this evolution and we are releasing our Manifesto for Organizational Resilience during Business Continuity Awareness Week (BCAW) 2018. The manifesto positions us within the organizational resilience sphere; not as the ‘know-all’ organization, but as a central point for collaboration across all management disciplines.

On Stones, Clay and Rubber Balls, by Mark Armour

Business Continuity, Risk ManagementMay 9, 2018263Views 0Likes 0Comments

Why we need to agree on our definitions and change our thinking around risk management, business continuity and resilience.

First, this is not about where the responsibility for business continuity should reside within an organization. It is about the responsibilities of the business continuity profession and its practitioners. Lately, I’ve witnessed the practice of risk management begin to take over that of business continuity. Many practitioners promote this alignment and foster the perception that business continuity is simply a part of the practice of risk management. I say this is bad for both disciplines and the organizations they serve.

Enterprise Security Risk Management (ESRM): Concepts & Applications

Books, InfoSecurity, Risk ManagementMarch 5, 2018358Views 0Likes 0Comments

As a security professional, have you found that you and others in your company do not always define “security” the same way? Have security interests and business interests become misaligned? Brian Allen and Rachelle Loyear offer a NEW approach: Enterprise Security Risk Management (ESRM). By viewing security through a risk management lens, ESRM can help make you and your security program successful! Brian Allen and Rachelle Loyear show you step-by-step how Enterprise Security Risk Management (ESRM) applies fundamental risk principles to manage all security risks, based on years of practical experience and research. Whether risks you face are informational, cyber, physical security, asset management, or business continuity, all are included in the holistic, all-encompassing ESRM approach which will move you from task-based to risk-based security.

enterprise-security-risk-management-concepts-and-applications-by-brian-allen-and-rachelle-loyear-rothstein-publishing

Enterprise Security Risk Management: Concepts & Applications

Books, InfoSecurity, Risk ManagementDecember 14, 2017435Views 0Likes 0Comments

As a security professional, have you found that you and others in your company do not always define “security” the same way? Perhaps security interests and business interests have become misaligned. Brian Allen and Rachelle Loyear offer a new approach: Enterprise Security Risk Management (ESRM). By viewing security through a risk management lens, ESRM can help make you and your security program successful. In their long-awaited book, based on years of practical experience and research, Brian Allen and Rachelle Loyear show you step-by-step how Enterprise Security Risk Management (ESRM) applies fundamental risk principles to manage all security risks. Whether the risks are informational, cyber, physical security, asset management, or business continuity, all are included in the holistic, all-encompassing ESRM approach which will move you from task-based to risk-based security.

Physical and Logical Security: Joining Forces to Manage your Enterprise Security Risk

InfoSecurity, Risk ManagementDecember 14, 2017293Views 0Likes 0Comments

Just a decade ago, as security professionals, we could talk reasonably about physical security and logical security requiring different approaches. Five years ago, we might have found ourselves having conversations about the blurring lines between the two types of security discipline, and could have easily pointed to aspects of both physical and logical security that…

Your Guide to Cybersecurity Law

InfoSecurity, Risk ManagementApril 9, 2017298Views 0Likes 0Comments

In today’s litigious business world, cyber-related matters could land you in court. As a computer security professional, you are protecting your data, but are you protecting your company? While you know industry standards and regulations, you may not be a legal expert. Fortunately, in a few hours of reading, rather than months of classroom study, Tari Schreider’s The Manager’s Guide to Cybersecurity Law: Essentials for Today’s Business, lets you integrate legal issues into your security program. Tari Schreider, a board-certified information security practitioner with a criminal justice administration background, has written a much-needed book that bridges the gap between cybersecurity programs and cybersecurity law. He says, “My nearly 40 years in the fields of cybersecurity, risk management, and disaster recovery have taught me some immutable truths. One of these truths is that failure to consider the law when developing a cybersecurity program results in a protective façade or false sense of security.”