Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

How to Use Cyber Assurance Programs to Manage Risk Based on Business Outcomes

If you’ve been following any of our recent webinars or in-person presentations, you’ve heard us talk a lot about shifting the mindset from a focus on compliance to a risk-first approach. We’ve discussed that the best way to do this is to align your risk management program to specific outcomes, where compliance becomes a subset of your risk management program. But what does that mean specifically? And what are some examples of how this can be done?

Creating a Vendor Risk Management Framework

Global third-party suppliers have become an essential resource for many companies, providing crucial strategic and competitive support. Outsourcing, however, is not without its dangers. As dependency on third parties grows, so do the chances of supply chain, compliance, or reputation risks that hit your organization through those third parties. Your management team will need to address those risks somehow.

5 Things Keeping You From Risk Management Eutopia

There are a lot of buzzwords and hot topics in the cyber security industry, but there’s one thing we GRC professionals cannot agree upon … risk assessments. Some people start with a pre-built risk register while others start by conducting internal surveys. Some re-assess risk annually, some use mathematical equations, and some still use spreadsheets!

Reciprocity Community Edition Best Practices: How to Get Started with the Reciprocity ROAR Platform

The Reciprocity® Community Edition is now available and is your chance to see the new Reciprocity ROAR Platform in action and it…is…totally…free! This is a great opportunity for you to not only get an instance of the ROAR Platform but also to see how the Reciprocity Community can provide you with meaningful content and connections to other organizations facing similar challenges. And did I mention that it’s free?!?

Does Your Cyber Threat Intelligence Team Know These Key Things?

The 2021 CrowdStrike Global Security Attitude Survey found that on average, organizations take 146 hours to discover a cybersecurity incursion, an alarming increase on the 2020 average of 117 hours. This means that an intruder could remain inside an enterprise network for more than six days before detection. Moreover, those attackers can move laterally across the network in just 92 minutes, searching for — and often finding — sensitive enterprise data or other high-value assets.

The Industrial Internet of Things and Cybersecurity

Learn how the industrial internet of things (IIoT) is changing industries around the world, and what your business can do to make sure your IIoT devices are secure. The fourth industrial revolution – industry 4.0, as some are calling it – is upon us. As digital transformation sweeps across manufacturing, production and related industries, many organizations are grappling with this new stage in the organization and control of the industrial value chain.

Operational Risk Management: Benefits and Common Challenges

Operational risk is defined as the risk of a loss that results from inadequate or failed business processes, people and systems, or from external events. More simply, operational risk pertains to any uncertainty or threat your organization faces (or might face in the future) during day-to-day business activities. The risk arises from operational disruptions and is likely to result in losses or reputational damage. Some operational risk is inevitable for every organization.

How to Create a Compliance Risk Assessment Template

Global regulations for data privacy and cybersecurity are quickly becoming more common and more stringent. That puts added pressure on organizations to manage their risks appropriately or face potentially painful consequences. In particular, organizations around the world and across industries are experiencing high demand from regulators to implement compliance risk management.