We held RSA Charge 2016 in New Orleans, the week prior to Halloween, in the “most haunted city in America” – and what a phenomenal turnout! We were thrilled to have more than 2,000 attendees register and join us in person to share best practices for GRC, security and business risk management. The conference proved again a fantastic venue for our customers and partners to gain…
Sir Francis Bacon is attributed with the quote, “Knowledge is Power”. There have been many variations on this phrase but I want to add one more twist around information assets. I presented at a conference last week where the session was dedicated to discussing the risks and…
For the third year in a row, RSA Archer has been named a Leader in Gartner’s Magic Quadrant (MQ) for Business Continuity Management Planning Software (BCMP)! Gartner states in their report that the business continuity management (BCM) market is changing because “continuity of operations is being…
We have all had that moment walking out of the shopping mall or the airport. Everyone knows the feeling when that rush of doubt takes hold of our brains. We stand frozen and frantically wait for our cerebral cortex to do its thing and pluck…
The Financial Stability Board (FSB), an international body that monitors and makes recommendations about the global financial system, published “Principles for An Effective Risk Appetite Framework” in November 2013. Regulations were finalized around these principles by some regulators including the Comptroller of the Currency in 2014. Although the genesis is FI-related, there are a lot…
Risk intelligence measures an organization’s understanding and implementation of risk management strategies, which are essential to gaining a competitive advantage in any industry. However, after indexing nearly 400 organizations, RSA concluded that less than 10 percent of companies have a risk management strategy that is mature enough to be considered “advantaged.” This signifies that 90…
One of the great things about events such as the Next-Generation Security Summit is the opportunity to network and share information with security leaders from multiple industries. In recent sessions, third-party risk has been a particularly hot topic. In the banking industry, this discussion is being driven in large part by the US Office of…
In my last blog post, I posed the concept of Cyber Risk Appetite as something that all organizations need to consider today. I used the analogy of a balanced diet of risk – taking some risks to keep the business growing while avoiding so much risk that the business becomes bloated. The objective is to…
Even if your business partners’ security policies and processes were thoroughly reviewed at the beginning of your relationship, third-party security risk management requires regular reassessments to ensure the appropriate levels of security, privacy, compliance, and resiliency are being maintained.
How Often to Reassess Security Risk
Experts agree that signing a business agreement is not the…
As someone that tries to watch my diet, I know how hard it is to deal with your own appetite. Several things that are my weakness – fresh bread, cold beer, pizza, the list goes on – are definitely not the best elements for a balanced diet. Most of the time I am able to deal…