Risk Management

Risk Management news, analysis, research, how-to, opinion, and video.


IBM Security to buy risk-visualization firm Agile 3 Solutions

IBM Security plans to buy San Francisco-based Agile 3 Solutions, which makes software for visualizing data risk for analysis by senior executives.

01 holes

Tips on where to start in managing risk

What is risk management? Anytime you have something of value (like a corporate network, a website, or a mobile application), there will be risk to manage in order to protect it. Traditional approaches and controls are no longer good...

boardroom presentation

Bringing boards up to cyber speed

The exponential growth of cyber risk has impacted roles for the CISO and the CEO, among others, but it has also left board members a little in the dark when it comes to understanding the risks associated with cybersecurity.

healthcare data breach ts

How a dose of AI could be the cure for hospital EHR cyberattacks in 2017

We are all sick (literally) and tired of the endless rounds of 'catch the data thief' playing at a hospital near you. Since these hospital attacks begin in 2014, they seem to get worse each year. Now industry pundits are indicating...

gas flame

Putting security risks on simmer with Chef

A bit of automation can ease the PCI compliance burden.

0 intro best practices

Best practices to fight corporate security risks

Ajit Sancheti, CEO and co-founder of Preempt, examines best practices each organization and their users must deploy, both in and out of corporate networks, to minimize malicious threats in inconspicuous (and conspicuous) places.

1 quicker

How automated investigation can accelerate threat detection

Cyber security analysts are overwhelmed with the pressure of keeping their companies safe. Here’s what you need to consider when adopting an automated investigation environment.

May I see your comprehensive security policy please?

Lack of compliance with the HIPAA security rule is common in county and municipal covered entities (CE). I provide some essential, primary source tools and documents for HIPAA security rule compliance.

managing business process cycle rotate phases

Buying the best BPM for your needs

Business process management software can be thought of as 'the oil that lubricates corporate machinery.' With dozens of competitors on the market, use the reverse-engineering technique to find the BPM software best suited to your...

big data analytics research chart growth [Thinkstock-516976188] [HOLD - CW August 2016]

Big data analytics and NLP: How health plans can make more money -- and keep it

Natural language processing (NLP) is an emerging area that can help unlock value from the vast stores of unstructured data that account for as much as 80% of all clinical data. UPMC Health Plan does just that.

risk reward ts

RiskSense lands $7M for assessment service

RiskSense, software-as-a-service that evaluates the security of corporate networks and generates a risk score, has been self-financed since its launch last year, but now has harnessed venture funding to help boost its R&D and hire...

whack a mole security threat

Malware strategy: Prevent, Contain, Recover

Your environment is only as strong as its weakest link. You are going to be attacked, and someone will eventually succeed in getting through your defenses.

traffic jam

The art of maximizing work not done

How should your technology organization decrease wasteful work? Following lean and agile principles will guide the way. Increase flow and decrease variability using Donald Reinertsen's techniques.


8 reasons why your security awareness program sucks

I have come to the conclusion that most awareness programs are just very bad, and that like all security countermeasures, there will be an inevitable failing.

privacy policy

Privacy policy or privacy notice: what's the difference?

Is there a difference between a privacy policy and a privacy notice? Some of the confusion comes from a company’s description of their privacy practices on their website being called a privacy policy. Some people ask, “Isn’t the...


How to perform a risk assessment

A risk assessment gives you the information protection equivalent of the opposing team’s playbook, telling where and how attackers are most likely to strike and what the damage will be.

risk reward ts

CIOs: Match security plans to your company's 'risk appetite'

CIOs discuss their risk-management strategies for dealing with cybersecurity threats and the aftermath of a data breach.

w2 phishing

Report says criminals are better communicators than IT staffers

Humans remain the largest security risk, a new Verizon report says.

Load More