Cyber Security, Information Risk What Can CISO’s Do to Mitigate Security Risks Posed by Third Party Suppliers?

In today’s hyper-connected digital age, it’s not unusual for medium to large-sized companies to have hundreds, or even thousands, of third-party suppliers. This can range from product suppliers, to billing processors, to cloud providers, and a variety of different services...

Read more…
Information Risk Why Cloud Risk Will Raise Business Risk in 2020

Going into 2020, businesses are expected to continue the transition from on-premise to cloud.  Many are increasingly adopting a cloud-first strategy, where if possible, they will run their services on a cloud platform vs keeping them in a data center.  And why not? The benefits of moving to the cloud are enormous and the list is long...

Read more…
Information Risk, Podcasts CRMG Podcast: How to Manage Third Party Risk When you Have Thousands of Suppliers

Not so long ago, the idea of outsourcing critical business functions or IT systems to a third party supplier would have been off limits for many organisations because of the level of risk involved. However today, the use of third party suppliers has increased exponentially...

Read more…
Information Risk Risk in Retail: Staying on the right side of the headlines

In the last 30 years, the risk landscape has transformed significantly for retailers. Think back to the early 1980s.  There was no internet then. Every retailer had only on-site equipment, some of which would be in their own data centers or in a rack in a small room in their office buildings...

Read more…
Information Risk, Podcasts CRMG Podcast: A Pragmatic Approach to Defining your Threat Profile

Organisations are facing new types of advanced persistent threat scenarios that current risk management programmes cannot defend against. To effectively counter threats, business leaders must have a...

Read more…
Information Risk How to Make Sense of Risk Management in Cyber Security? Tip: Avoid gut instinct

You can't avoid risk management. It's just as fundamental to our business as it is to our lives. From checking an email address before sending sensitive documents, to looking left and right before crossing a road...

Read more…
Executive Management, Information Risk The Challenges in Assessing Third-Party Cybersecurity Risk – A case study

I was leading a cybersecurity department a couple of years ago when I had a senior executive come to me with an urgent request. He was getting ready to close a big deal with a third-party...

Read more…