Hiring a new employee can be a rushed process, especially if the position is a mission-critical one. But neglecting to follow through on pre-employment screening can be even more disastrous to the enterprise than having an empty seat for a few weeks. A foregone or limited background check, a lack of fact-checking or a single-minded policy about hiring could leave a company with a rushed hire and an unsuitable new employee, or worse – a wave of new risks and liability.
Picture this – in 20 minutes, one enterprising hacker at the 2012 Defcon conference in Las Vegas learned one Wal-Mart store’s physical logistics – from the janitorial contractor to where employees go to lunch – as well as key details about the make and version numbers of the Wal-Mart manager’s PC, browser and anti-virus software, and got the manager to upload the address of an external website into his browser – no questions asked.
Utilizing the principles, standards and methodologies of ERM and/or ISO 31000 as the foundation of security programs is vital in order to transform your security program to holistically address the full scope of the risk, threat and hazard landscape that your organization faces today and into the future. Going forward, we will provide some insight into the concepts of ERM and why it is so important to utilize ERM as the foundation of your security program.
Risk appetite isn’t a term that comes up a lot in the security trade media. This is interesting, because understanding risk appetite is a crucial factor in developing acceptable security programs, communicating value, and aligning the function with the goals of the business — all of which are talked about in security circles all the time. So what is risk appetite?
In this, Security magazine’s annual Security 500 Report, learn the top 10 trends that enterprise security leaders are facing this year, gather sector and issue-specific metrics to enhance your in-house reporting, determine which companies are leading the pack in your sector, and build your case to become the enterprise’s next go-to executive resource. Check out Security's November issue for all this and more!