You've requested...

Share this with your colleagues:

Reduce Insider Threats Risk Through End User Empowerment

If a new window did not open, click here to view this asset.

Download this next:

Infographic: Top 12 risk management skills

Risk management is a must for anyone who aspires to be a leader or manager. There is risk to be addressed at all business levels, and if a leader is unable to manage risk, their upward mobility will disappear. 

Being a capable risk manager requires awareness and knowledge to uncover potential risks and present them to people best suited to solve the problem. A risk manager doesn't necessarily have to make the fix -- they just need to bring it to the person who can. 

These are also closely related to: "Reduce Insider Threats Risk Through End User Empowerment"

  • Insuring the uninsurable: Is cyber insurance worth its salt?

    Cyber insurance is one of the fastest growing areas of risk cover in the insurance industry as businesses increasingly turn to specialist insurance in an attempt to cover a portion of their enterprise risk.

     Cyber risk is notoriously difficult to quantify and businesses face an arduous choice in deciding which risks to manage themselves and which risks to transfer to the insurance market.

     This article dips a toe into this emerging risk area and outlines some steps businesses can take to make better informed risk mitigation decisions.

  • How to tackle risk taxonomy

    This Technical Standard provides a taxonomy describing the factors that drive risk – their definitions and relationships. This Technical Standard is not a reference or tutorial on how to assess or analyze risk, as there are many such references already available. This Technical Standard also does not cover those elements of risk management that pertain to strategic and tactical risk decisions and execution. In the overall context of risk management, it  is important to appreciate that our business objective in performing risk assessments is to identify and estimate levels of exposure to the likelihood of loss, so that business managers can make informed business decisions on how to manage those risks of loss – either by accepting each risk, or by mitigating it – through investing in appropriate internal protective measures judged sufficient to lower the potential loss to an acceptable level, or by investing in external indemnity. Critical to enabling good business decision-making therefore is to use risk assessment methods which give objective, meaningful, consistent results. Fundamental to risk assessments is a sound approach: You can't effectively and consistently manage what you can't measure, and you can't measure what you haven't defined. The problem here is that a variety of definitions do exist, but the risk management community has not yet adopted a consistent definition for even the most fundamental terms in its vocabulary; e.g., threat, vulnerability, even risk itself. Without a sound common understanding of what risk is, what the factors are that drive  risk, and a standard use of the terms we use to describe it, we can't be effective in delivering meaningful, comparable risk assessment results. This Risk Taxonomy provides the necessary foundation vocabulary, based on a fundamental analysis of what risk is, and then shows how to apply it to produce the objective, meaningful, and consistent results that business managers need

Find more content like what you just read:

  • How to manage cyber risk: A director’s guide

    As Boards exercise their duties to protect shareholder value, they need to have a solid understanding of the risks to the enterprise’s digital assets and how management is protecting them. Coalfire describes 5 key guidelines of cyber risk management for Board oversight. Read on to unlock the full guide.

    Download

  • Analyst report: IT risk management

    With the accelerated push toward digitalization, cybersecurity issues are now top of mind and IT risk management has become a board-level discussion. Open Gartner’s Magic Quadrant to get a better understanding of this growing and dynamic market and find out where the IT vendors involved stack up.

    Download

  • What you don't know can hurt you: Expert advice on measuring risk

    Managing risks begins with measuring risks. Inaccurate or incomplete measurements can lead to dire consequences. So, where do you start? In this e-book, 3 IT industry experts share their wisdom on the practice of measuring risk in the most practical, comprehensive, and actionable way. Download this e-book to get started.

    Download

  • Best practices for reporting risk

    With cyber threats increasing, it’s vital for business leaders to understand and mitigate risks that could jeopardize their business. Download this guide to learn the importance of understanding risk as uncertainty about objectives and aligning risk measurements with the strategic objectives your company’s leadership team cares most about.

    Download

  • Expanding the Sphere of Supervision Value

    Download this guide to learn more about how information risk affects organizations of all types, the expanded value of supervision software for more than FINRA risk, and how Smarsh can help protect your organization from these risks.

    Download

  • Do you need to establish better cyber risk quantification efforts?

    According to a ThreatConnect survey, 41% of respondents said they don’t have a formalized process in place to evaluate and rank cyber risks, and 25% said they don’t have a cyber risk quantification technology deployed at their company. With this e-book, discover the urgent necessity for businesses to begin quantifying their cyber risk.

    Download

  • 9 key takeaways of subsidiary risk management research

    Current tools and processes for managing subsidiary risk present multiple shortfalls even for organizations that have a focus on managing subsidiary risk and staff dedicated to these activities. This white paper contains 16 research findings about subsidiary risk management and 9 key takeaways. Read on to get started.

    Download

  • 5 practical steps for successful remediation

    It’s critical to understand how a particular vendor’s risks might impact your business. Luckily, this ProcessUnity white paper; The Vendor Manager’s Guide to Risk Reduction, is here to help. Download the white paper now to examine ways to manage vendor risk and implement effective remediation management policies.

    Download

  • E-Guide: VM in the Cloud

    Before you move services to the cloud, you must understand how the change in risk will affect your existing security strategy. View this expert resource now to gain best practices for cloud risk management and explore the importance of revisiting risk assumptions, pros and cons of aggregation, tips for pen testing cloud environments, and more.

    Download

  • Evaluate IT risk management vendors

    By 2025, 50% of businesses will depend on risk management solutions. As such, security and risk management leaders are hunting for such solutions based on cybersecurity initiatives, board risk oversight and digital compliance obligations. Use this Gartner Magic Quadrant to evaluate the strengths and cautions of various players in the space.

    Download

  • The importance of ethical data use

    According to a recent KPMG survey, 97% of consumers said they believed data privacy was important, and 87% thought it should be a human right, but 54% of respondents didn't trust companies to use their data ethically. Access this e-guide to learn why ethical data use is so important and the risks you run in using data unethically.

    Download

  • Evaluate IT risk management vendors

    By 2025, 50% of businesses will depend on risk management solutions. As such, security and risk management leaders are hunting for such solutions based on cybersecurity initiatives, board risk oversight and digital compliance obligations. Use this Gartner Magic Quadrant to evaluate the strengths and cautions of various players in the space.

    Download

  • 23 IT vendor risk management tools & how they stack up

    IT vendor risk management software provides solutions to manage and automate the vendor risk management life cycle, address third-party risk and meet regulatory compliance. Tap into Gartner’s Magic Quadrant to get a better understanding of this growing and dynamic market.

    Download

  • Analyst report: IT vendor risk management tools

    IT vendor risk management software provides solutions to manage and automate the vendor risk management life cycle, address third-party risk, and meet regulatory compliance. Tap into Gartner’s Magic Quadrant to get a better understanding of this growing and dynamic market.

    Download

  • How to handle requirements for risk assessment methodologies

    Over time, the information security/risk management profession has developed a variety of methods for assessing risk within an organization.

    Download

  • Webinar: Uncover the changing vendor audit landscape

    As organizations adopt more cloud platforms with subscription-based licensing, the traditional landscape of software publisher audits and related risk is also rising. This webinar covers these changes and how to prepare through best practices. Tune in to learn about how to approach risk assessment, how to deal with audits and more.

    Download

  • Measuring endpoint risk in the public sector

    In this e-book, industry experts offer insights and guidance for public sector agencies on measuring endpoint risks in today’s fastmoving, highly-distributed world.

    Download

  • 3 strategies to ensure open source compliance

    As open source software continues to be adopted at an increasing rate, compliance with open source licenses becomes a more pressing initiative. Download this white paper for 3 strategies you can use to ensure open source compliance.

    Download

  • Third party risk management: A path to a program

    This white paper dives into what risks third-party management faces and how it can change the course of a cyber program. Read on to learn more.

    Download

  • BitSight for third-party risk management

    With the increase in data breaches caused by third parties, the time to manage third-party risk is now. Download this data sheet to learn about BitSight’s integrated approach to ensuring operational efficiency and reduced risk.

    Download

  • The Senior Leader's Guidebook to Emergency Management and Business Continuity

    Threat hazard identification and risk assement begins with an in-depth exploration of the threats an organization might face. Understanding this risk environment is essential forbuilding a practical, affordable, and effective risk mitigation plan. Take our brief survey and gain access to our guide for senior leaders.

    Download

  • 7 steps to manage risk of new technologies

    As technology grows stronger, risk becomes greater. Because to a degree, IT departments are jumping into the unknown with each new investment they make, so it’s important that the risks associated with these new technologies are adequately mitigated. Dive into this white paper to view 7 steps to effective risk management for emerging tech.

    Download

  • The Forrester Wave™ Governance, Risk and Compliance Platforms, Q3 2021

    Is your organization in search of a platform to streamline governance, risk and compliance (GRC)? Download this Forrester Wave report to examine 15 of the most significant GRC technology vendors on the market and explore how each provider measures up so that you can select the right one for your needs.

    Download

  • C-suite call to action: Third-party risk management

    When it comes to third parties, risk professionals, the C-suite and the board need to collectively determine how to shift their stance from reactive to proactive to handle uncharted circumstances. View this briefing paper to understand the malleable third-party risk landscape and how enterprises can become dynamically prepared.

    Download

  • Achieve risk-based vulnerability management

    Information overload challenges from data and threats can overwhelm cybersecurity professionals, causing many to unwisely skip vulnerability mitigation. Consequently, some organizations are operating at unacceptably high levels of risk. Read this guide to understand the framework of a modern, risk-based vulnerability management program.

    Download

  • The 2021 RiskTech research report: Top cybersecurity trends

    As organizational risk increases, risk management professionals must get an objective assessment of technology vendors in their market in order to make the best decisions. Download the RiskTech100 for 2021, a globally acknowledged, comprehensive independent study of the world’s major players in risk and compliance technology.

    Download

  • Third-party risk management: Best practices

    Read this guide to understand the building blocks of third-party risk management (TPRM), the importance of residual risk, how to augment your team and steps to take for a more mature TPRM program.

    Download

  • Are businesses taking chances when it comes to managing outsourcing risk?

    Nearly 95 percent of organisations buy, provide or both buy and provide outsourced services and functions, in which they face inherent risks created by new and unforeseen challenges.

    Download

  • UK 2015 Cyber Risk Survey Report

    Many UK firms are failing to adequately assess their customers and trading partners for cyber risk, Marsh's UK Cyber Risk Survey reveals.

    Download

  • 4 technical benefits that can break the cycle of poor supplier management

    Supplier interruption can cause an organization significant operational and strategic risk. Suppliers often hold huge amounts of data and intellectual property that can be directly compromised and put everyone at risk. Download this white paper to learn about 4 strategic supplier security model best practices & technical benefits.

    Download

  • TPRM: 9 common misconceptions

    Third-party risk management (TPRM) programs are important in defending against encroaching cyberthreats. However, many of these programs rely on ineffective tools and processes, and TPRM professionals tend to use subjective, outdated information to make decisions. In this white paper, explore the 9 misconceptions affecting these TPRM programs.

    Download

  • Security manager’s guide to third-party risk management

    Modern organizations are increasing their business efficiency by working together with third-party organizations to outsource different processes, from raw data storage to HR, finance and more. Download this security manager’s guide to third party risk management (TPRM) and learn how you could create an effective program.

    Download

  • The Global Risks Report 2016

    This report from the World Economic Forum identifies the most pressing global risks countries and organisations will face in 2016, including sections on technology and cyber crime.

    Download

  • Is your mainframe protected?

    The more rules there are, the easier it is to fall foul of them, even if you don’t mean to. And as your business grows, there are always going to be new risks to think about. Identify, manage and minimize your exposure to risk. Watch this 8-minute video to discover Deloitte’s Integrated Risk Management, powered by ServiceNow.

    Download

  • World Economic Forum Global Risks Report 2018

    The World Economic Forum Global Risks Report 2018 identifies the top geopolitical risks facing the world in 2018. Environmental risks dominate, but cyber attacks, the risks of artificial intelligence, and the possibility of the internet defragmenting are high on the agenda.

    Download

  • Cybersecurity: How to manage, mitigate & prevent risk

    Rapid digital transformation has served as a critical catalyst for a broader exploration of an organizations’ exposure to enterprise IT risk of all kinds and the degree to which organizations are prepared to manage, mitigate and prevent risk. Take the survey to unlock key survey findings conducted by SolarWinds.

    Download

  • Addressing & evaluating your open source risk

    Open source risks are often unique to each organization – requiring them to understand and evaluate their current posture before they attempt to address the risks. Read this e-guide to learn the 3 evaluation questions you should ask yourself and discover how Veracode may be able to help your organization overcome its unique open source risks.

    Download

  • Cloud Management: Overcoming today’s Top Risks

    Under a cloud paradigm, as services become more concentrated, risks follow suit, so it is important to understand and account for these changes and adjust security programs accordingly. View this e-guide to explore the top security risks in cloud computing today and how to overcome them.

    Download

  • Information Security Threats: Building Risk Resilience

    Enterprises need an agile risk management strategy to deal with today's evolving threats. Read this expert E-Guide and discover the correct ways to build up your organizations risk resilience against these ever growing threats.

    Download

  • Third party risk management for mergers and acquisitions

    In mergers and acquisitions (M&A), managing risk has become a focal point. M&A firms are realizing that due diligence is needed to avoid value losses post-acquisition, and moreover, regulators are cracking down on M&A risk like never before. Dive into this white paper to learn how third party risk management best practices can help.

    Download

  • Royal Holloway: Lessons on catastrophe - differences and similarities between cyber and other forms of risk

    Cyber insurance is still in its infancy but has shown significant growth, with evidence for further expansion. However, a lack of past information and some idiosyncrasies make pricing difficult, as well as potentially amplifying risk exposure. This article summarises findings from a practical model that could be used in lieu of actuarial data.

    Download

  • The Value of Threat Modelling

    This article in our Royal Holloway information security thesis series gives an overview of the value of threat modelling and describes some common modelling techniques.

    Download

  • Mobile device protection: tackling mobile device security risks

    The proliferation of mobile devices into the enterprise has put mobile device security risks as a top priority for many organizations today. In this e-guide from SearchSecurity.com, gain expert insight on how to tackle mobile device security risks and explore why your current approach might need to be reevaluated.

    Download

  • ITAM governance: Risks, best practices and more.

    IT asset management (ITAM) governance helps protect organizations against a variety of corporate risks and allows them to switch from being reactive to proactive in their risk mitigation. Open up this white paper to read up on everything ITAM governance, including the risks of poor ITAM governance, IT governance best practices and more.

    Download

  • Managing Cloud Computing Risk

    Have you done your best to reduce the risk of harm to your company in the event of a service interruption? In this e-guide by SearchCloudSecurity.com, gain expert insight on how to manage the risk of cloud outages as well as uncover a framework you can implement for evaluating cloud computing risk.

    Download

  • Adaptive risk management for complex supply chains

    This paper discusses supply chain risk and the increased demands that complex supply chains place on outsourcers and providers. It also provides strategies and tactics for building and applying complex adaptive solutions to your own Third-Party Risk Management (TPRM) program. Download your copy today.

    Download

  • Business risks of software vulnerabilities

    This article in our Royal Holloway Information Security Thesis Series looks at how four sources of risk are relevant for evaluating the influence of software vulnerabilities on businesses.

    Download