Risk Management: A Look Back at 2013 and Ahead to 2014

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Next Risk Management: A Look Back at 2013 and Ahead to 2014-6 Next

Focus on continuous monitoring in risk management: Security and IT teams understand that near real-time monitoring of threats, vulnerabilities and potential exposures is becoming table-stakes for effective risk management. Many regulations and standards, such as PCI DSS 3.0, ISO 27001, ISO 22301, NERC CIP 5 and NIST CSF have and will continue to be updated with more effective approaches to risk management, based on continuous monitoring. Security and compliance teams need to be prepared for these updates, not only with technologies, but also by driving processes and people skills to another level of maturity in order to effectively implement these new lines of defense.

According to Yo Delmar, vice president of MetricStream, 2013 has been witness to extraordinary change. We are living and doing business in an increasingly global, mobile, social and Big Data world, fraught with new risks and complex regulations. As such, individuals and organizations are struggling to keep pace.

In response to greater uncertainty, complexity and volatility throughout 2013, we’ve seen increased convergence and alignment amongst internal teams, including IT, security and the business. As a result, organizations are better poised to provide the context for communicating risks. We’ve also seen the business ecosystem evolve to include geographically diverse vendors and third parties, and as a result, organizations must continue to view these entities as part of the organization itself, and manage them in a more tightly and integrated way.

Organizations have also moved away from doing IT and security operations on an ad-hoc basis, taking on a formal and structured approach that is more aligned with business priorities. Lastly, 2013 saw the continued emergence of new and innovative online, wireless and mobile technologies, requiring organizations and IT departments to get ahead of the bring-your-own-device (BYOD) trend, especially as employees continue to move away from corporate devices with some personal usage, to personal devices with significant corporate usage.

It is important that we reflect on some of these key trends in 2013, especially as we look ahead to 2014. The year ahead will require even stronger risk management, with an increased focus on leveraging social media to drive situational awareness. Organizations will need to focus more of their efforts on continuous monitoring, also leveraging security and risk analytics based on IT and security Big Data.

Organizations that focus their efforts in a thoughtful, methodical and analytical way will be poised to keep pace, and stay ahead of change and complexity in order to drive strong business performance and sustainable value to the organization and its key stakeholders.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

blockchain The World According to Blockchain

Blockchain comes with many costs and is surrounded by confusion. Here, we examine realistic use cases, drawbacks and the potential of blockchain. ...  More >>

biometrics Biometrics: Moving Far Beyond Fingerprints

Biometrics are changing the way we think about security. Here are some of the more innovative ways biometrics are being used and what we can expect in the future. ...  More >>

Privacy rollback Security Pros Give Their Opinions on ISP Data Privacy Rollback

IT staff, organization leaders, and the average citizen have all expressed levels of concern over the FCC about-face in regard to ISP privacy. Here’s what the security experts say. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.