Introducing Crosswalking Templates
Crosswalking can be a handy tool to view control performance for a single asset/system against multiple frameworks. By indicating which controls align between frameworks, one can complete an assessment using one framework and then carry that data over to several other evaluations that use different frameworks. For example, if you completed an ... Read More
Best Practices for Data Cloud Security
As more businesses move to hybrid environments or adopt a cloud-first approach, the time has come to consider the latest cloud security best practices to safeguard their people, processes, and data ... Read More
The End of the Cyber Silo: Why Cybersecurity is Now a Shared Responsibility
Cybersecurity is an evolving topic of interest. Only a couple of decades back, the title of Chief Information Security Officer (CISO) did not even exist. What cybersecurity was, and what people working in this field did, seemed very convoluted. It seemed like some technical back office function businesses had, but not everyone ... Read More
7 Reasons You Need a NIST Incident Response Plan
A well-defined and robust incident response plan can dramatically minimize the damage to a company when disaster strikes. A practical incident response approach helps distribute and codify the incident response strategy across the organization ... Read More
Cybersecurity Reporting Tools That Will Make Your Life Easier
The cybersecurity industry has proliferated in the past few years, and as it has grown, so has its value. According to research conducted by Statista, the cybersecurity market is currently worth $159.8 billion and is expected to grow to $345.4 billion by 2026. As the number of cyber and IT ... Read More
Navigating Regulatory Complexity: How to Scale a Risk and Compliance Program in 2022
If the past few years have taught us anything, it’s that uncertainty is inevitable. Uncertainty and risk are things we cannot avoid, and if we can learn to manage these two aspects, they can instead propel us to grow and become more adaptable to shifting environments. Following these last few ... Read More
How Does FAIR Fit into Cybersecurity?
The Factor Analysis of Information Risk (FAIR) methodology breaks down risk into elements that organizations can compute, so that they can understand, analyze, and quantify cyber threats and their financial impact. ... Read More
Rules for Effective Cyber Risk Management
Cybersecurity threats are becoming more challenging for businesses. According to PurpleSec’s Cyber Security Trend Report in 2021, cybercrime surged by 600% during the pandemic, increasing the costs incurred by cybercrimes at an astonishing rate ... Read More
A Pocket Guide to Factor Analysis of Information Risk (FAIR)
FAIR, short for Factor Analysis of Information Risk, is a risk quantification methodology founded to help businesses evaluate information risks. FAIR is the only international standard quantitative model framework for operational risk and information security. This methodology dramatically benefits mature organizations that utilize IRM (Integrated Risk Management) solutions. ... Read More
A Pocket Guide to FAIR
FAIR, short for Factor Analysis of Information Risk, is a risk quantification methodology founded to help businesses evaluate information risks. FAIR is the only international standard quantitative model framework for operational risk and information security. This methodology dramatically benefits mature organizations that utilize IRM (Integrated Risk Management) solutions. ... Read More