Risk and Security Blog

‘Future-Proofing’ against Converged Information Risk

Cyber risk scenarios present a new challenge to security and risk planners. The key to developing converged security risk strategy through scenarios is that the outcomes must lead to decisions that effectively mitigate information risk from physical, human, and cyber threats.
Posted: 28 March 2014 by Optimal Risk Admin | with 0 comments

How Red Teaming Gain Greater Immediate Traction Over Auditing

The 'learning by doing' opportunity that security exercises provide, is crucial to identifying failures in breach incident response as well as failures in security. So the appropriate design of a Red Team process will ensure that a balance is achieved between reinforcing security, and preparing the appropriate response.
Posted: 28 March 2014 by Optimal Risk Admin | with 0 comments

Being Prepared and Risk Informed

Ultimately, the justification for adopting a pre-emptive and proactive approach must be to enable better risk-informed decision-taking. A comprehensive evaluation of cyber risk requires a meticulous approach to mapping an organisation’s assets and processes before modeling risk against them, and there are few methodologies that are fully evolved to accomplish this.
Posted: 28 November 2013 by Optimal Risk Admin | with 0 comments

Converged Security Risk: Supply Chain and Downsizing Scenarios

In summing up the lessons of the day, the Chairman highlighted that converged security planning needs to consider plausible threats, beyond just ‘the probable’ specifically in relation to the insider threats from bad practice as well as bad intent. He also drew attention to the principle that planning for converged threats should be characterised by a reluctance to simplify the process, and by a proactive approach to maintaining greater awareness of threats, and anticipating their impacts.
Posted: 7 October 2013 by Optimal Risk Admin | with 0 comments

A Convergence Masterclass

Optimal Risk will be leading a masterclass on these issues, organised by the Security Institute and hosted by Siemens in London on September 24th, which will address the core challenges that organisations face in embracing and applying converged security concepts. The objective is to introduce students with specialist background to a range of models and principals that will better enable them to prepare and cope with converged security risks.
Posted: 16 September 2013 by Optimal Risk Admin | with 0 comments

Prepared for Anything? Really?

Good management practice and preparedness really requires the ability to anticipate events long before they happen, and develop a planned response to each scenario. In developing and refining capabilities, managers need to be able to regularly review flaws in plans and road-blocks to effective performance through drills. This should run counter to any tendency to over-simplify plans and procedures, as the threats are increasingly sophisticated.
Posted: 23 July 2013 by Optimal Risk Admin | with 0 comments

Challenges in Working with Converged Scenarios

Few companies work effectively with risk registers, either as a process or as tool. The common failure of registers is that they become nothing more than a register, in which risks are recorded and then not acted upon, particularly in regard to cyber threats.
Posted: 4 April 2013 by Optimal Risk Administrator | with 0 comments
Displaying results 1-7 (of 9)
 |<  < 1 2  >  >|