Comprehensive software reviews to make better IT decisions
Oxial – How Coronavirus Has Impacted Risk Management
From employee management through leadership and communication, increased cyber threats, logistics and operations to post-pandemic planning and risk mitigation, the threat landscape has experienced enormous change. These noticeable shifts force us to consider rethinking and retooling how we address risk.
How has the risk landscape changed? For one, the likelihood of ineffective digital and remote employee management may result in higher turnover as opportunities become available. The cultural change for management has been enormous; finding a way to lead in the digitized world while ensuring that staff feel valued, listened to, and “well-remunerated” is required. Beyond the cultural changes, cyberthreats have considerably increased in response to the pandemic, requiring companies that had not already done so to include or improve their risk management program in the cybersecurity space. Risk management practices must now consider the impact of supply chain more as a key part of their continuity programs. Finally, as we think of coming out of the lockdown scenario and new risks emerge, we must consider not only how to continue to work in a changed manner, anticipating employee expectations for flexible work environments having proven they can be productive remotely, but also what to do with the brick-and-mortar office building presence in the longer term.
Every once in a long while, an event creates a paradigm shift. In the space of risk management, companies must now address new aspects of traditional business and financial risks resulting from the pandemic and the uncertainty it will bring forth for some time yet. Additionally, risk management must respond to the new risks that result from a hyper-digitized environment where customer and employee expectations have changed while still working to improve management strategies and facilitating risk-based decisions about the longer-term strategies for the business model.
Corporate risk management programs must focus on establishing new models that align with the full scope of the new risk paradigm and develop product-program models that address the entire risk program through effective strategy and tool alignment.
Want to Know More?
By exploiting a five-year-old configuration error, a hacker was able to access Amazon’s S3 cloud storage buckets on which Twilio’s code was loaded. As a result, customers were able to unknowingly download the modified code for twenty-four hours.
Qualys VMDR and Ivanti have announced a new partnership dedicated to improving the detection and patching of vulnerabilities. Announced July 30, the Qualys and Ivanti Partnership have already gone live as an integrated component of the VMDR solution.
IBM is changing the terms of its ubiquitous Passport Advantage agreement to remove entitled discounts on over 5,000 on-premises software products, resulting in an immediate price increase for IBM Software & Support (S&S) across its vast customer landscape.
RiskSense announced on July 13 its new version of the cloud-delivered RiskSense risk management platform. The main draw of the program is its holistic risk calculation across CVEs and CWEs.
Cyberthreats are omnipresent for any enterprise. Monitoring ingress and egress points while still conducting business is a balance security professionals attempt to strike. Couple this with the continued security issues around remote work during the pandemic, and security teams have their hands full.
Navigating the vendor risk management space, particularly in the current environment that consists of a mix of cloud, managed services, and critical supply chain, is key to ensuring that you don’t inadvertently introduce new risks through this dynamic channel.
On May 26, Kenna Security released its new Prioritization to Prediction Benchmark Survey. This free tool provides organizations with the ability to compare their vulnerability management programs to industry averages Kenna Security has compiled over the years.
COVID-19 has changed a great deal about how businesses operate. From a security perspective, however, COVID-19 caught many businesses off guard. The shift from working in the office to working from home has made it difficult for security measures to keep pace. Specifically, how are businesses meant to maintain the same secure networks when their employees are no longer working in the office? Outside of the security of the IT departments, IT and security have a tough time ensuring that patching and vulnerability management remain at the forefront of a business’s priorities.
I recently had the opportunity to speak with Jason Rohlf, VP Solutions, Mark Scheinkoenig, VP Commercial Sales, and Emily Figg, VP Marketing about their GRC solution at Onspring to discuss the product audience and upcoming features.