Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Risk Management

Making the Most of a Hardening Market for Cyber Insurance - Kovrr

Join us for a webinar that discusses alternative data points insurers can use to make more data-driven decisions for their renewal strategy focused on policy profitability. Included in the pannel discussion is Laura Johnson, Cyber Practice Head, Chauser, Visesh Gosrani, Chair of the IFoA Cyber Risk Working Party, Amir Kessler, Cyber Risk Expert & Product Manager, Koverr and Marty Ellingsworth, Senior Analyst, Celent.
Featured Post

Project Management Lessons Learned From Risk Management

While risk management can be draining, it offers crucial lessons that enable managers to implement projects efficiently. If you undertake a thorough risk analysis before any project, you'll identify all the gaps and create mitigation strategies. This way, you'll save time and resources.

Understanding Cybersecurity Supply Chain Risk Management (C-SCRM)

Cybersecurity Supply Chain Risk Management (C-SCRM) deals with more than protecting an organization from cyber-attacks on third parties. It also addresses third parties to those third parties (known as “fourth parties”). Further still, a vendor to your vendor’s vendor is a fifth party, then a sixth party, etc. Your SCRM should involve knowledge of how far, complex and even convoluted your supply chain is. Then measure this complexity with your risk appetite.

Improve Workflow Collaboration with Slack Integration for ZenGRC

Not long ago, we’d say “slack” to describe not working, as in “slacking on the job.” With the advent of the Slack app, though, the term has become synonymous with productivity. And Slack’s ability to work in tandem with hundreds of applications makes this popular team communication and collaboration tool even more useful.

Featured Post

Data Protection Vs. Cyber Security: Why You Need Both

In recent years, both large and small organizations have been affected by data breaches. Business owners, C-suite executives, and CIOs face the reality that they can be a target of security breaches at any time. These incidents can jeopardize your organization's credibility besides leading to financial and productivity losses.

ISO 27001 Firewall Security Audit Checklist

Because of additional regulations and standards pertaining to information security, including Payment Card Industry Data Security Standard (PCI-DSS), the General Data Protection Regulation (GDPR), Sarbanes-Oxley (SOX), the Health Insurance Portability and Accountability Act (HIPAA), California Consumer Privacy Act (CCPA) and ISO 27001, organizations are putting more emphasis on compliance as well as the auditing of their cybersecurity policies and cybersecurity controls.

Security risk assessments explained

This blog was written by a third party author. A security risk assessment is a formal method for evaluating an organization's cybersecurity risk posture. Comprehensive security risk assessments take stock in business objectives, existing security controls, and the risk environment in which the business operates. When done well, the assessment identifies security gaps in existing controls as compared with industry best practices.

Supply Chain Risk Management - What You Need to Know to Build a Successful SCRM Program

There is a story from years ago about a warehouse network of computers that was separated from the main network. Those machines were running older OSes. But since they weren’t connected to the company network, didn’t hold company data, and only ran the warehouse machines, they were deemed secure. One day, the sysadmin noticed that all of those computers had a glitch at the same time. He remotely rebooted and went back to his desk. But they all glitched again. What happened?

How to Implement Effective Compliance Testing

Compliance testing, also known as conformance testing, is a periodic, independent, and objective assessment of compliance-related processes and/or controls. The goal of compliance testing is to determine whether the elements, processes, and controls of your compliance program are designed appropriately and operating as designed. Compliance testing follows an established process and plan as well as a risk-based approach.