Risk and Security Blog

Converged Security Risk: Supply Chain and Downsizing Scenarios

In summing up the lessons of the day, the Chairman highlighted that converged security planning needs to consider plausible threats, beyond just ‘the probable’ specifically in relation to the insider threats from bad practice as well as bad intent. He also drew attention to the principle that planning for converged threats should be characterised by a reluctance to simplify the process, and by a proactive approach to maintaining greater awareness of threats, and anticipating their impacts.
Posted: 7 October 2013 by Optimal Risk Admin | with 0 comments

Prepared for Anything? Really?

Good management practice and preparedness really requires the ability to anticipate events long before they happen, and develop a planned response to each scenario. In developing and refining capabilities, managers need to be able to regularly review flaws in plans and road-blocks to effective performance through drills. This should run counter to any tendency to over-simplify plans and procedures, as the threats are increasingly sophisticated.
Posted: 23 July 2013 by Optimal Risk Admin | with 0 comments

The Problem with Security Planning

Companies need to plan for the wide variety of potential security threats and the majority of firms struggle with resources, intelligence, or expertise to deal with a full range of scenarios, and consequently cannot consider the full spectrum of converged security risks and their cyber dimensions. In most cases, companies lack the awareness of the complete threat landscape and their vulnerabilities. Hence there is a lack of urgency to upgrading their security risk agenda. The absence of such drivers tends to limit the budgets for security investment in intelligence and capabilities, and so the cycle continues to undermine the efficacy of security strategies.
Posted: 29 March 2013 by Optimal Risk Administrator | with 0 comments