A Risk-Based Approach to Better Cybersecurity
As the world becomes more connected, it also opens up myriad cybersecurity threats. It is important for enterprises, no matter the size, to take cybersecurity seriously because the impacts can be adverse and prove to be extremely costly. Therefore, a risk-based approach can be the best course of action to take when dealing with cybersecurity. A risk-based approach enables enterprises to conceive a more comprehensive plan by understanding the critical assets and the regulatory, financial and reputational risks of exposing assets. This allows organizations to meet the changing needs of a plan that needs constant re-evaluation for consistent improvement.
A risk-based assessment requires a significant amount of work to locate all vulnerabilities in an enterprise’s workflow. These risks are then assigned a risk score based on the severity of the vulnerability, which allows the enterprises to focus its efforts on the risks that have a higher chance of compromising their workflow. The risk scores are based on a combination of the likelihood of a risk materializing and the impact that will have on the organization, should it become a reality. Security risks are more than just technology, it includes operational risks as well, which is why this approach must not be made in isolation.
A risk-based security program aligns closely with the enterprise’s goals. Technical decisions that are made within security programs have dramatic effects on how organizations can achieve those goals, which is why risk-based approach must take this into account. Enterprises that do not consider risk-based approaches become easy targets for hackers that use the latest in cutting-edge technology when looking for vulnerabilities.
By John Kamin, EVP and CIO, Old National Bancorp
By Gregg T. Martin, VP & CIO, Arnot Health
By Dave Doyle, CIO & SVP, IT, Regal Entertainment Group
By Sergey Cherkasov, CIO, PhosAgro
By Adrian Mebane, VP-Global Ethics & Compliance, The Hershey...
By Mike Fitton, Wireless Business Unit Director, Altera
By Jim Kaskade, VP and GM, Big Data & Analytics, CSC
By Thomas Musgrave, EVP & CIO, AmeriCold Logistics
By Vin Sharma, Director, Strategic Planning & Marketing, Big...
By Federico Flórez, Chief Information & Innovation Officer,...
By Barbara Adams, VP, Innovative Technology Solutions, Texas...
By John Mason, CIO, Bottomline Technologies
By Jamshid Khazenie, CTO, USA Today Network / Gannett
By Miguel Gamino, CIO & Executive Director-Department of...
By Bill Schimikowski, VP, Customer Experience, Fidelity...
By Tom Bressie, Vice President, Oracle Cloud
By John Landwehr, Public Sector CTO, Adobe
By Aaron Gette, CIO, The Bay Club Company
By Denise Zabawski, CIO, Nationwide Children's Hospital
By Amit Bahree, Executive, Global Technology and Innovation,...