Risk

Cyber threats are simply a business reality in the modern age, but with the right knowledge and tools, we can protect our businesses, employees and customers. Davis Malm’s Robert Munnelly outlines five actions companies can take to maximize long-term cyber safety. Decades of experience in the age of broadband and security breaches has taught us important lessons about the steps...

Every company should be expecting a security breach at some point. MetricStream’s Vibhav Agarwal discusses the importance of tackling cybersecurity directly and what risk-focused executives must do to avoid disaster and position their organizations for success. In a world where organizations are rapidly digitally transforming, cybersecurity has clearly become a business-critical issue. Every firm has unique data that offers it...

Entertainment and comedy can be a hugely effective way to get compliance and risk training to “stick.” Ronnie Feldman builds a business case for more creative approaches to training and communication. Let’s talk about comedy and corporate risk. Using humor and other entertaining devices to train and communicate ethics, compliance and other corporate risk topics may seem counterintuitive. After all,...

Employers must make clear to their employees what compliance topics and policies are essential to the organization. As Skillsoft’s John Arendes explains, it’s to the employer’s benefit to help employees deal with information overload. The workplace continues to evolve over time; from the impact of startup cultures to new technology, it is not the same place as my first investment...

While heatmaps (or risk matrices) are still considered one of the most popular tools for risk assessment, plenty of research has brought to light their various methodological and psychological limitations; they may actually lead to worse decisions than doing no risk analysis at all. Alex Sidorenko outlines the alternatives. OK, the title is obviously a joke, because the alternatives (multiple)...

Protiviti’s Jim DeLoach explains that executive management and the board face the challenge of overseeing and investing finite cyber protection resources in the face of an ever-changing cyber threat landscape. Cyber risk is an ever-moving target. Cybersecurity is likely to remain center stage as a top risk for a long time to come as companies continue to expand their reliance...

Vendors make the world go round, allowing organizations to efficiently outsource tasks, but they are a top source of breaches for organizations. LogicGate’s Matt Kunkel discusses the risks companies must address with their TPRM programs. It’s estimated that anywhere from 20 to 50 percent of workforces are outsourced. While outsourcing can help companies scale and be more efficient, it also...

IT security researchers say 81 percent of CIOs and CISOs defer security-relevant critical updates or patches due to concerns about the impact it might have on business operations. Authentic8’s Claudia Berth discusses the results that should serve as a wake-up call for compliance leaders. Security researchers report that eight out of 10 CIOs and CISOs refrain from adopting an important...

New global research from Morrison & Foerster reveals that GCs want to be evaluated on how effectively they protect their companies from risk and reputational damage. As Paul Friedman explains, they’ll have plenty of opportunity to prove themselves.  As globalization and technological transformation march forward and reshape the business landscape, risks lurk in more places than ever. As we’ve seen...

Russ Berland considers disruptive risks – like the earthquake and resulting tsunami that caused the Fukushima disaster in 2011 – and how AI can help to identify and manage those risks before they mature into overwhelming obstacles. In March 2011, an 8.9 magnitude earthquake and a 23-foot tsunami hit Japan. Thousands of Japanese people tragically lost their lives, and hundreds...

As we move into the 4th Industrial Revolution (4IR), risk management is poised to undergo a significant shift. James Bone asks whether traditional risk management is keeping pace. (Hint: it’s not.) What’s really needed is a new approach to thinking about risks. Framing the problem Organizations, generally speaking, have one foot firmly planted in the 19th century and the other...

The market for risk technology is driven by increased regulatory mandates and complex organizational risks. Risk technology is a global market that has rapidly evolved over the last 20 years, from single solution providers into platforms with cloud features and advanced analytics. The term “GRC” (governance, risk and compliance) has also undergone a metamorphosis in attempts to describe aspirational solutions...