1 min read

Risk Management

Cybersecurity risk management is not too complex to articulate and address with specific, actionable measures. Adversarial Risk Management begins by helping firms establish risk management terms and a centralized, tool-agnostic risk register governed by a Risk Assessment Management Procedure (RAMP). In addition to providing a vital artifact to respond to third-party risk management inquiries, regulatory examination, and governance oversight, the RAMP and risk register ensure that findings from a wide and frequently-changing array of tools and processes follow a consistent scoring prioritization and remediation process.

You might also like...

Oct
19
Cyber Governance: What is Fair to Expect from Board Directors and Management? 3 of 4

Cyber Governance: What is Fair to Expect from Board Directors and Management? 3 of 4

Episode 3: Incidents In Episode 1 of this series I talked about oversight of cybersecurity threats and how a Board
10 min read
Aug
25
Overrated? On TPRM, SBOM, Solarwinds, and Supply Chain Security

Overrated? On TPRM, SBOM, Solarwinds, and Supply Chain Security

We've all run to the same side of the boat on supply chain security when it comes to cyber. Rather
2 min read
Apr
27

Encryption is Overrated

Years ago I found myself in one of those awkward elevator pairings where you are unexpectedly face to face with
3 min read
Nov
22
Cyber Governance: What is Fair to Expect from Board Directors and Management? 2 of 4

Cyber Governance: What is Fair to Expect from Board Directors and Management? 2 of 4

Episode 2: Risks In Episode 1 of this series I talked about oversight of cybersecurity threats and how a Board
6 min read
Nov
11
Bad CISO Archetypes

Bad CISO Archetypes

As part of my advisory work, I often help companies find and/or interview security leaders. While I'm a huge
4 min read