Digadel Corporation

Cybersecurity and IT Risk Management - Risk Defined

4/6/2020

What is Risk?
IT risk has many facets and is often not well understood; in some cases the very definition can be elusive. In the cybersecurity and information technology fields, the National Institute of Standards and Technology (NIST) is one of the authoritative sources to turn to for answers.

According to NIST Special Publication (SP) 800-30, Guide for Conducting Risk Assessments, risk is defined as:

"a measure of the extent to which an entity is threatened by a potential circumstance or event, and is typically a function of: (i) the adverse impacts that would arise if the circumstance or event occurs; and (ii) the likelihood of occurrence."


One-Page Risk Management Plan

4/17/2019

The One-Page Risk Management Plan is based on the A3 technique, which was originally created by Toyota as a problem-solving method. The name A3 comes from the fact that when the process is complete, all of the relevant information can fit on a standard A3-size piece of paper.

While the A3 technique was originally designed for problem solving during manufacturing, it can also be a valuable tool for risk management. You can use the technique to guide the risk management process and ensure that all critical information is captured in a concise manner.

4 Strategies for Cyber Security Risk Management

3/6/2018

4 Risk Management Strategies
So, you have identified a risk in your organization or project ... now what? When a risk is identified, there are four strategies you can use to address it. The strategies can be remembered using the acronym ACAT:
  1. Avoid
  2. Control
  3. Accept
  4. Transfer


What is a Security Process Management System?

2/23/2018

Cyber security is a two-sided coin; on one side are all of the technical controls needed to maintain security and on the other the operational processes required to manage them. Just like a coin, both sides need to be intact for it to be whole.

Unfortunately, many organizations dedicate a disproportionate amount of resources to technical controls at the expense of properly managing their operational processes. It is not uncommon for such organizations to spend large sums of money on the latest technical security gadget only to find themselves getting hacked anyway.

