Risk management and assessment is the practice of assessing an organization’s security systems against possible vulnerabilities and gaps to determine how much “risk” is acceptable as part of doing business. Factors like compliance, emerging threats and changes in technology and business operations all play an immense role in how security experts manage the risk their organizations are willing to take on, and how much they will invest in their cybersecurity infrastructure. 

As we pass the halfway point of 2021, we look back to some of the trends that have played a role in risk management and assessment. In some ways, the story of risk in 2021 is heavily dictated by 2020, as the COVID pandemic has fundamentally altered how companies in multiple industries worldwide continue to do business. 

Read More

Compliance and risk management aren’t the same, but they are closely aligned with one another. Companies operating with IT and data-intensive technologies and industries must attend to the reality that risk of breach, damage, or data loss exists in their system and that they will almost always have to manage the balance between optimized business goals and security and compliance requirements. 

Risk management, however, can be a simpler and more streamlined process with the use of automated tools. Here, we’ll introduce how automation speaks to risk assessment and management. 

Read More

With the more recent threats and attacks we’ve seen in both the Colonial Pipeline and SolarWinds hacks, the question of infrastructure security is firmly in the collective consciousness. With President Biden’s Executive Order focusing executive resources to beef up cybersecurity, the efforts of the government are turning towards addressing some of the gaps that have been around for the past few years. 

This reality calls for private contractors and any business with infrastructure-critical services in areas like energy, defense, financial services or other areas to take the right steps to address these issues. Fortunately, the NIST Framework for Improving Critical Infrastructure Cybersecurity provides a thorough risk assessment framework to help. 

Read More