Jack Jones and Doug Hubbard explain how to measure what matters on the new frontier of risk management.
by Nikhil Chawla
The CISO is confronting countless “swords of damocles.” Each one seems critical. Each one is waiting to drop on their head. Their job is to eliminate those risks before they drop. Unfortunately, security is expensive and budgets are limited. Where to start when you only get to pick one, two, or three things to mitigate out of dozens of possibilities? The straight forward answer is, “Just shoot for getting the biggest bang for you’re buck!” This is easier said than done. The risk of some yet to happen event causing real impact is highly uncertain. The value of security control in mitigating those risks are also uncertain. And, the range of impacts that can occur add more fuel to the fire of uncertainty. This podcast bring the foremost thinkers on modeling cyber risk together – to discuss modern approaches for measuring risk and deciding on the best way forward economically. Meaning, the best way forward in terms of both cost as risk reduction.
Welcome back to the Resilience third-party management series. In our first three posts, we covered why third-party vendor discovery matters, how to locate vendors across your environment, and which high-risk vendor categories most organizations overlook. Now we turn to the next step: prioritizing those vendors based on actual cyber risk—not contract spend. Most vendor management […]
While the seven data streams from our previous post will capture the majority of your vendor relationships, they’re primarily designed to find digital services and traditional procurement relationships. Today, we’re exploring the vendor categories that fall through the cracks of most discovery programs, as well as why they often represent some of your highest-risk relationships. […]
Quantum computing is on the horizon, and with it comes a seismic shift in how organizations must think about cybersecurity risk. The ability of future quantum machines to break today’s cryptographic protections, what we call quantum decryption, could undermine the trust, confidentiality, and resilience of digital business. This briefing series distills a highly technical topic […]
Spotify
Apple Podcast
Google Podcast