Every organisation should take a fresh look at the impact specific cyber events can have and whether management’s response plan is properly oriented and sufficiently supported. This review includes an assessment of internal processes and capabilities to determine whether proactive steps should be taken to make necessary improvements — both near term and long term.
The key to mitigating IT risks is to minimise the harm they can cause. One way to manage risks is for boards to set up policies and procedures to reduce risks. Non-profit boards can also transfer some degree of risk by purchasing the appropriate insurance policies or by outsourcing some activities
Understanding the risk What is the value of the information we hold (e.g. intellectual property, financial, strategic plans and other business critical information, customer/personal data)? What are our ‘crown jewels’ that need the most protection? What is the potential impact if this information is stolen or corrupted (e.g. reputational damage; damage to market value and […]
Ransomware is primarily about money, the ability of the ransomware author to get money from the victim with in a very short period of time. Phishing is the ability of a person to gain control to your system for the purpose of monetary, data or other information retrieval from your system. Immediate financial gain is […]
Information Technology “Findings for credit unions with total assets less than €40m noted a common risk issue related to inadequately resourced IT function. Credit unions should have in place effective structures to manage IT related risks that are appropriate for the business model, size and technological complexity of the credit union, as well as the […]