Manage episode 321964988 series 2797405
Cybersecurity can often seem to present impossible challenges as organizations strive to repel attack attempts. But, really, cybersecurity’s is about risk management — layering on controls to reduce risk to an acceptable level.
Cybersecurity risk management requires a multi-faceted approach, and organizations should evaluate risk and choose the appropriate option(s) to address it. After a thorough risk assessment, the organization can choose to:
- Accept the risk: Organizations can acknowledge the risk and choose not to resolve, transfer, or mitigate it if it is not feasible.
- Avoid or eliminate the risk: This option may involve elimination of the risky service or feature to remove the risk from the equation.
- Mitigate the risk: This option is where technical and administrative controls are implemented to reduce the likelihood or impact of risk.
- Transfer the risk: This option assigns or moves the risk to a third-party via cyber liability insurance.
Host: Andy Whiteside
Co-host: Bill Sutton
Co-host: Ben Rogers