What Are the Four Types of Risk Management?

risk management featured

We’ve discussed risk management and its complexity–what goes into it, what frameworks you can use, and how different forms of analysis and visualization can help you assess it effectively. 

But let’s pump the brakes a little. Have you thought about what to do about your risk profile? Do you know how to approach risk as a problem that needs a solution?

Here, we will discuss the four types of risk management approaches that enterprises use to address and navigate their cybersecurity risk.

 

Read More

Managed Service Providers: How Secure Are Your Services?

MSPs featured

The increasing use of cloud vendors and third-party providers has made advanced IT infrastructure and expertise available even to smaller organizations. It has also created an interconnected ecosystem of businesses, government agencies, utility firms and managed service providers (MSPs) that can potentially compromise security across multiple systems. 

If you’re a managed service provider, it’s your responsibility to ensure that your systems are secure, that your partnerships are equally secure, and that you maintain continuing risk management and monitoring against all services. 

 

Read More

FedRAMP and CISA: What Is Binding Operational Directive 22-01

fedramp featured

Managing cybersecurity threats is a full-time job, and most cybersecurity specialists rely on shared knowledge between experts in the field to combat these threats. The Common Vulnerabilities and Exposures (CVE) database provides a starting point for this kind of knowledge, centralizing an index of known security vulnerabilities in the wild. 

The CVE program recently joined with the Cybersecurity and Infrastructure Security Agency (CISA), which then feeds into new directives for federal agencies and cloud service providers (CSPs). One of these directives, Binding Operational Directive 22-01, establishes this new list and several other requirements for regulated organizations and is trickling down into other security requirements, including FedRAMP. 

 

Read More