Category Archives: Risk Management

Improving Third-Party Cyber Risk Management with MetricStream and BitSight
Posted by

Improving Third-Party Cyber Risk Management with MetricStream and BitSight

With the growing reliance of organizations on an interconnected network of third parties, they are becoming increasingly vulnerable to a plethora of risks. A 2020 Ponemon survey found that a typical enterprise has an average of 5,800 third parties, and the number is expected to grow by 15 percent this year. As the third-party network […]

Thrive on Risk and Build Resilience with an Agile and Integrated Risk Management Program
Posted by
Posted in

Thrive on Risk and Build Resilience with an Agile and Integrated Risk Management Program

As the uncertain business environment continues to linger in the wake of the COVID-19 pandemic, organizations must boost their preparedness for the unknown unknowns to ensure uninterrupted business operations. Work has moved home due to the pandemic but has not slowed down. To understand the state of risk management and how risk professionals are approaching […]

The Art and Science of Risk Aggregation: Harvesting Different Metrics Across Multiple Dimensions
Posted by
Posted in

The Art and Science of Risk Aggregation: Harvesting Different Metrics Across Multiple Dimensions

The credit and financial crises have proved that looking at risk management through the rearview mirrors is dangerous. Since then, organizations – especially banks and financial services institutions – recommend adopting a forward-looking approach to risk management. Organizations of all sizes now want to assess and aggregate risks across various processes, business lines, and risk […]

The Third-Party Risk Perspective on Microsoft Hack
Posted by
Posted in

The Third-Party Risk Perspective on Microsoft Hack

Earlier this month, tech titan Microsoft reported a state-sponsored cyber breach which is said to have impacted thousands of businesses around the globe. In a blog post, the Microsoft Threat Intelligence Center (MSTIC) attributed this breach with high confidence to HAFNIUM, a group assessed to be state-sponsored and operating out of China. The group was […]

Key Compliance Areas to Focus On: A 360-degree View
Posted by
Posted in

Key Compliance Areas to Focus On: A 360-degree View

As the pandemic continues to batter right through into 2021 and businesses return to the next normal with vaccines making their way into our lives, staying on course with compliance becomes even more critical. Why so? Regulatory and Corporate compliance, closely tied to brand image and reputation, tops any organization’s priority today to steer clear […]

Improving Business Performance with Integrated Risk Management
Posted by
Posted in

Improving Business Performance with Integrated Risk Management

Today, business leaders and risk managers are required to navigate an increasingly complex risk landscape that is evolving at a rapid pace. Economic, environmental, geopolitical, technological, and other factors and their growing interdependencies are resulting in an ever-changing and expanding risk environment, making risk management extremely challenging. The current volatile operating environment has questioned the […]

Lessons Learned from the FireEye Breach
Posted by

Lessons Learned from the FireEye Breach

The recent FireEye breach is perhaps the most significant cybersecurity headline of 2020, with one of the leading advanced threat detection vendors falling victim to an apparent state-sponsored attack. As new details of the breach unfold, the nexus between cybersecurity and risk management become increasingly evident, forming the basis of several lessons learned. Third Party […]

What to Know about California’s New Privacy Act
Posted by

What to Know about California’s New Privacy Act

Without question, 2020 has been an interesting year, and with so much attention paid to the recent U.S. Presidential election, it is easy to overlook an important ballot initiative, Proposition 24, which effectively replaces the relatively new California Consumer Privacy Act (CCPA). For businesses that buy, share or utilize California resident data, this is big. […]