What could go wrong? In your opinion, how likely is it to go wrong? Board of Directors.
Board members need to insist on understanding IT / Cybersecurity risks. Only with this knowledge, can they properly discuss those risks at board level and achieve a consensus on setting the enterprise’s risk tolerance. When it comes to cybersecurity strategy, perhaps the single most important goal for boards and CEOs is defining the enterprise’s IT […]
How Long Does It Take to Implement a Patch?
Every organisation should take a fresh look at the impact specific cyber events can have and whether management’s response plan is properly oriented and sufficiently supported. This review includes an assessment of internal processes and capabilities to determine whether proactive steps should be taken to make necessary improvements — both near term and long term.
Managing IT Risks for Community and Non-profit Boards
The key to mitigating IT risks is to minimise the harm they can cause. One way to manage risks is for boards to set up policies and procedures to reduce risks. Non-profit boards can also transfer some degree of risk by purchasing the appropriate insurance policies or by outsourcing some activities
IT Risk Management – Questions to ask
Understanding the risk What is the value of the information we hold (e.g. intellectual property, financial, strategic plans and other business critical information, customer/personal data)? What are our ‘crown jewels’ that need the most protection? What is the potential impact if this information is stolen or corrupted (e.g. reputational damage; damage to market value and […]
Ransomware
Ransomware is primarily about money, the ability of the ransomware author to get money from the victim with in a very short period of time. Phishing is the ability of a person to gain control to your system for the purpose of monetary, data or other information retrieval from your system. Immediate financial gain is […]
Central Bank PRISM 2019
Information Technology “Findings for credit unions with total assets less than €40m noted a common risk issue related to inadequately resourced IT function. Credit unions should have in place effective structures to manage IT related risks that are appropriate for the business model, size and technological complexity of the credit union, as well as the […]