Risk Management: A Look Back at 2013 and Ahead to 2014


Focus on continuous monitoring in risk management: Security and IT teams understand that near real-time monitoring of threats, vulnerabilities and potential exposures is becoming table stakes for effective risk management. Many regulations and standards, such as PCI DSS 3.0, ISO 27001, ISO 22301, NERC CIP 5 and NIST CSF, have been and will continue to be updated with more effective approaches to risk management, based on continuous monitoring. Security and compliance teams need to be prepared for these updates, not only with technologies, but also by driving processes and people skills to another level of maturity in order to effectively implement these new lines of defense.

According to Yo Delmar, vice president of MetricStream, 2013 has been witness to extraordinary change. We are living and doing business in an increasingly global, mobile, social and Big Data world, fraught with new risks and complex regulations. As such, individuals and organizations are struggling to keep pace.

In response to greater uncertainty, complexity and volatility throughout 2013, we’ve seen increased convergence and alignment amongst internal teams, including IT, security and the business. As a result, organizations are better poised to provide the context for communicating risks. We’ve also seen the business ecosystem evolve to include geographically diverse vendors and third parties, and as a result, organizations must continue to view these entities as part of the organization itself, and manage them in a more tightly integrated way.

Organizations have also moved away from doing IT and security operations on an ad-hoc basis, taking on a formal and structured approach that is more aligned with business priorities. Lastly, 2013 saw the continued emergence of new and innovative online, wireless and mobile technologies, requiring organizations and IT departments to get ahead of the bring-your-own-device (BYOD) trend, especially as employees continue to move away from corporate devices with some personal usage, to personal devices with significant corporate usage.

It is important that we reflect on some of these key trends in 2013, especially as we look ahead to 2014. The year ahead will require even stronger risk management, with an increased focus on leveraging social media to drive situational awareness. Organizations will need to focus more of their efforts on continuous monitoring, also leveraging security and risk analytics based on IT and security Big Data.

Organizations that focus their efforts in a thoughtful, methodical and analytical way will be poised to keep pace, and stay ahead of change and complexity in order to drive strong business performance and sustainable value to the organization and its key stakeholders.

 
