This is Part Four of a Six-Part blog series on Cyber Risk Management from guest blogger Simon Goldstein. Every approach to risk management, cyber-oriented, operational, IT, financial, and so on covers the core basics NIST describes as Identify, Protect, Detect, Respond, and Recover. And there are also many ways to describe the performance operations needed[…]
This is Part Three of a Six-Part blog series on Cyber Risk Management from guest blogger Simon Goldstein Senior Executives perform an important role in any effective cyber risk and security program. They are the executors of the governance function. They provide direction, resources, and policy leadership. They are neither a rubber stamp, nor simply[…]
This is Part Two of a Six-Part blog series on Cyber Risk Management from guest blogger Simon Goldstein Is your risk program awash in expanding piles of data, from many organizational, operational, and functional sources, that offer no clear sense of useful information? Do you find that comparing where you were a year ago to[…]
This is Part One of a Six-Part blog series on Cyber Risk Management from guest blogger Simon Goldstein In a report published by the Institute of Internal Auditors Research Foundation (IIARF) on what boards of directors need to ask about cybersecurity, it was noted that only a bit more than 14% were actively engaged in[…]
