When customers put money in a bank, they need to trust it will stay there. Because of the high stakes involved for the customer, such as financial loss, and how…
Browsing CategoryRisk Assessment
Moving at the Speed of Business — Challenging Our Assumptions About Cybersecurity
The traditional narrative for cybersecurity has been about limited visibility and operational constraints — not business opportunities. These conversations are grounded in various assumptions, such as limited budgets, scarce resources,…
Digital Transformation and Risk Management Must Go Together
The recent PwC 2022 Global Risk Survey gives a glimpse into what senior leaders think about their business efforts. The report opens with some expected highlights worth repeating: Change is…
Small Business Cybersecurity: What to Fix, What to Manage and What to Outsource
The risk posture of small and medium-sized businesses has changed a lot over the last few years. Bluntly: small businesses inherited a series of digital risks. Many of these risks,…
Changing the Conversation with Risk Quantification
“Quantitative risk analysis is the single most effective way to align security with business priorities and establish credibility with teams.” — U.S.-based CISO As organizations continue to leverage the latest…
What You Need to Know About Data Security Heading into 2022
Every business needs an effective data security strategy. Over the past year alone, 64% of companies worldwide faced some form of cyber attack, with an average cost of $4.24 million…
How to Quantify the Actual Cost of a Data Breach for Your Own Organization
As business leaders, we need to know what the biggest risks to our organizations are. All organizations face numerous disruptive challenges in today’s business environment that can create significant new…
How One Application Test Uncovered an Unexpected Opening in an Enterprise Call Tool
Working as security consultants is highly rewarding. Companies depend on us to view their environment from the perspective of an attacker and find vulnerabilities that could enable threats to succeed.…
Critical Business Operations Are At Risk, and Companies Are Not Making This a Priority
Many companies around the world with industrial operations environments, commonly referred to as operational technology (OT) environments, do not invest the same resources to protect OT systems as they do…
Driving the Desire for FAIR: What Is Your ‘Why’ for Security Risk Quantification?
One of the first questions I ask when working with an organization is “Why are you interested in making FAIR (Factor Analysis of Information Risk) a part of your standard…