Cybersecurity risk management is not too complex to articulate and address with specific, actionable measures. Adversarial Risk Management begins by helping firms establish risk management terms and a centralized, tool-agnostic risk register governed by a Risk Assessment Management Procedure (RAMP). In addition to providing a vital artifact to respond to third-party risk management inquiries, regulatory examination, and governance oversight, the RAMP and risk register ensure that findings from a wide and frequently-changing array of tools and processes follow a consistent scoring prioritization and remediation process.
You might also like...
Cyber Governance: What is Fair to Expect from Board Directors and Management? 2 of 4
Episode 2: Risks In Episode 1 of this series I talked about oversight of cybersecurity threats and how a Board
6 min read
Bad CISO Archetypes
As part of my advisory work, I often help companies find and/or interview security leaders. While I'm a huge
4 min read
Episode 07 - Bug Bounties with guest Casey Ellis
Bugcrowd founder Casey Ellis joins #lifeafterCISO to talk about bug bounty programs in the wake of the Joe Sullivan Uber
1 min read
Cyber Governance: What is Fair to Expect from Board Directors and Management? 1 of 4
With mounting pressure around cyber literacy in the Boardroom, Directors are looking for specifics around what will be expected of
8 min read
Vulnerability management is dead. But GRC is hiring...
I used to have a TVM team. Threat & Vulnerability Management. The individuals in there had the word "Vulnerability" in their
2 min read