Risiko

Part Two: ‘We Should Never Have Said That’ and How to Avoid It Being Used Against You Before It’s Too Late

Earlier this year, the first part of this article was published. It’s a good place to start to learn why you want to understand your company’s attack surface. Websites and online databases tend to over-share – you should aim to limit this. But some...

Webinar: An introduction to quantitative methods for cyber risk management

Risiko, Sikkerhed, Viden, Webinar

Almost daily, we hear about how cyber threats and IT risks increase globally across industries. Sadly, the methods and tools used for IT risk management today do not deliver the consistent decision support that organizations need. On March 23rd 2023, we conducted a...

ISO 27005 Is Wrong About Quantitative Risk

Risiko, Viden

The International Standards Organization recently published an updated version of their guidance for information security risk management, but they have missed the mark entirely on quantitative methods. The ISO/IEC-27005 is one of the key standards published under the...

Identify your information assets in 5 steps

Risiko, Sikkerhed, Viden

An important step in any IT risk management process is to clearly define the information assets in scope. But what is an information asset really? How can you best describe your important information assets? And why is it so important to spend time on establishing a...

Nu var det lige så hyggeligt

Risiko, Viden

Verden er i forandring. De seneste år har mindet os om, at verden er farlig og foranderlig. Det er blevet den nye normal. Krig i Europa, klimakatastrofer, problemer med makroøkonomien og cyberangreb for blot at nævne nogle af de udfordringer, samfundet står over for....

The simplest risk metrics that we just can’t agree on

Risiko, Viden

Inherent risk… residual risk… current risk? When your risk manager or regulatory affairs asks about your “inherent risk”, it highlights a fundamental flaw in qualitative risk assessments. Here’s why - and how to fix it. Although most of us engage in some form of risk...

Top 5 objections to using quantitative models within cyber risk management

Risiko, Viden

Changing habits and mindsets take time and persistence. Especially within IT risk management. Again and again, we at ACI meet tonnes of objections to changing behaviour despite witnessing the benefits of moving from qualitative to quantitative. So, I felt...

Håndter cyberrisiko med taktisk og strategisk styringsinformation

Cyber, Risiko, Sikkerhed, Viden

Kommunikation er svær, også når det drejer sig om risiko for cyberangreb. Bestyrelse og direktion har brug for et klart beslutningsgrundlag, men ofte rammes der forbi med kommunikation, der er enten for teknisk eller for overordnet og abstrakt. Begge tilfælde er...

Kvantitative eller kvalitative risikovurderinger? En CIO’s betragtninger.

Risiko, Sikkerhed, Viden

Hvad er fordelene ved kvantitative eller kvalitative risikovurderinger? Hvorfor og hvornår skal man vælge det ene fremfor det andet? Vi bringer her et gæsteindlæg fra Christian Willemoes, pensioneret CIO fra DLR Kredit, der deler sine betragtninger og erfaringer fra...

Risikoappetit – hvorfor og hvordan?

Risiko, Viden

En dygtig offshore-ingeniør, som jeg samarbejdede med, gav mig et konkret eksempel på anvendelse af risikoappetit. Højden på en boreplatform sættes efter lovgivning og standarder, men også efter virksomhedens risikoappetit. Hvor stor en bølge skal platformen kunne...

« Gamle poster

Læs alle vores indlæg

Læs vores artikler

Risiko

Part Two: ‘We Should Never Have Said That’ and How to Avoid It Being Used Against You Before It’s Too Late

Webinar: An introduction to quantitative methods for cyber risk management

ISO 27005 Is Wrong About Quantitative Risk

Identify your information assets in 5 steps

Nu var det lige så hyggeligt

The simplest risk metrics that we just can’t agree on

Top 5 objections to using quantitative models within cyber risk management

Håndter cyberrisiko med taktisk og strategisk styringsinformation

Kvantitative eller kvalitative risikovurderinger? En CIO’s betragtninger.

Risikoappetit – hvorfor og hvordan?

Læs alle vores indlæg

ACI A/S

Sider