How to perform a risk assessment: Rethinking the process

New regulations and a changing threat landscape mean you need a different approach to your security risk assessment process.

The world has changed significantly in the past two years, and so have the rules around assessing cyber security risk. A combination of greater digital business penetration, a wider array of risks, and bigger consequences of cyber threats has made the world of risk management both more complex and more important than ever.

Sadly, word hasn’t yet gotten out that risk management is an essential part of today’s business operations. According to a PwC study cited by Silicon Republic, 40 percent of Irish companies are failing to do any risk assessments whatsoever.

Gartner’s IT Risk Management report from last summer tried to address the growing complexity of this space and divided the market into seven different segments, including auditing, vendor risk management and operational risks. It presented a Magic Quadrant of ten vendors, including ServiceNow, Dell/RSA Archer and others. Gartner recognized that the market is evolving rapidly as IT buyers look for more comprehensive solutions that can be deployed across a wide range of conditions and workflows.

Things are moving so quickly that even a year-old report is somewhat outdated. Let’s look at these changes and then discuss what you can do to improve your processes, change your organizational structure, and be better prepared to understand and address future cyber risks to your business. 

Change #1: Security is now everyone’s concern
