One of the challenges of becoming a resilient organization is understanding exactly what that means. Resilience is interpreted and implemented in many different ways and today’s global business environment likely won’t change that anytime soon. Understanding the differences in how resilience is understood and implemented in companies across all sectors and geographies is helpful for your team's own journey to resiliency.
In 2021, as enterprise security leaders look to better understand and tackle their organization’s risks as it relates to the COVID-19 pandemic, following this model can be helpful: designate a dedicated response team; analyze how risks have changed and what new types of risks there are; consider the appetite for taking risks and prioritize them. Here's how.
The 10th Allianz Risk Barometer 2021 survey reports potential disruption and loss scenarios companies are facing; this year's top three business risks all relate to the coronavirus pandemic: business interruption (#1 with 41% responses); pandemic outbreak (#2 with 40%) and cyber incidents (#3 with 40%).
Despite the explosive growth in API usage worldwide, many security and development teams are unable to answer basic questions about their API programs – like how many do we have, who owns them, and what do they do. This poses a huge security risk for organizations – especially in today’s complicated threat landscape. To protect against security risks, it’s crucial that organizations understand all aspects of their API programs and their associated security challenges. This better positions leaders to improve their organization’s security posture through proper mitigation strategies.
Organizations mostly monitor what they already know about, leaving unknown assets unprotected and open to attackers
December 4, 2020
CyCognito announced new research in partnership with Enterprise Strategy Group (ESG) that revealed most security professionals recognize that attack surface protection is important, but their operational practices and tools used aren’t up to the challenge.
The Office of the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, and the Federal Deposit Insurance Corporation (collectively, the agencies) issued an interagency paper titled “Sound Practices to Strengthen Operational Resilience.” The sound practices paper generally describes standards for operational resilience set forth in the agencies’ existing rules and guidance for domestic banking organizations that have average total consolidated assets greater than or equal to (1) $250 billion or (2) $100 billion and have $75 billion or more in average cross-jurisdictional activity, average weighted short-term wholesale funding, average nonbank assets, or average off-balance-sheet exposure.
Claroty researchers have uncovered six critical vulnerabilities in third-party license management components, which could expose operational technology (OT) environments (hardware and software components) across numerous industries to exploits via cyberattacks.
SAI Global has released results from a business continuity benchmarking study. ‘Addressing the COVID-19 gap: How Business Continuity professionals can propel business forward’ provides the results of a pre-COVID survey and a March 2020 follow up.
Eric Holmquist joined Customers Bank as Executive Vice President and Chief Risk Officer. Holmquist has more than thirty-five years of financial industry expertise, spanning enterprise risk management, executive reporting, information management programs, and is skilled in creating operational efficiency and risk alignment.
In recent years, Enterprise Risk Management has become increasingly focused on cybersecurity risks. While this focus on cyber is understandable, the current COVID crisis has demonstrated that the unpredictable nature of cascading risks requires viewing risk through a much wider risk aperture. One way forward to successfully navigate this new risk frontier is the establishment of a Risk Operations Center (ROC). The ROC enables enterprise and technology leaders to have the continuous monitoring they require to proactively mitigate all cyber issues. Additionally, it fully supports the CISO/cybersecurity leader's principal responsibilities identified by the HBR survey.