Anytime something bad happens, such as a major security incident, it is tempting to point fingers and blame the engineers and leadership at Capital One. It is also tempting (although sometimes useful) to point out specific steps the victim organization should have taken. The truth is any one of us could make the same or similar mistakes. And it only takes one small misstep to allow a crafty attacker in the front door. That…
Do you know the difference between KPIs and KRIs? Key performance indicators (KPIs) and key risk indicators (KRIs) are two critical ingredients of sound risk management. While many organizations use the terms interchangeably, they serve different purposes. Learn about the characteristics, development processes, and benefits of key indicators and how they can help take your organization’s risk management program to the next level.
When organizations are victims of a cyberattack, the consequences extend beyond a data breach or business disruption. Brand reputation and public perception and trust also take a significant hit. As new technologies emerge, so do new risks — yet many businesses are unprepared in the area of cybersecurity readiness. Ernst & Young’s 2018–2019 Global Information Security Survey revealed that many organizations are falling short in managing data privacy and cybersecurity and have some work…
Check out Quantivate’s most recent resources — You’ll find industry insights and learning resources for your governance, risk, and compliance (GRC) program, covering topics including internal audit, business continuity, vendor management, and more: What Is GRC? An Introduction to Governance, Risk & Compliance Management Whether you’re new to governance, risk, and compliance management or an industry veteran, this guide gives a helpful review of the essential components, success factors, and benefits of effective GRC.…
Whether you’re helping your organization develop a formal business continuity (BC) program for the first time or looking to improve existing BC processes, you’re likely to encounter a common roadblock: getting buy-in from leadership and peers. Colleagues may be hesitant to contribute or participate in the BC planning process, viewing the commitment as just another demand on their already busy schedule. However, trying to move forward without coordination with senior management and other core…