Blog
-
Overview Process for Risk
It is important to manage risk. Risk is the effect (positive or negative) of an event or series of events that take place in one or several locations. It is computed from the probability of the event becoming an issue and the impact it would have (See Risk = Probability X Impact). Various factors should be identified in order to analyze risk.
-
Types of Penetration Tests
Today’s is an introduction into types on Penetration Tests. It is important to remember that Penetration Testing is done on mobile devices, technology in airplanes and boats and so much more than just infrastructure associated with networks.
-
An Introduction to Cyber Penetration Testing
Penetration Testing has many definitions. A penetration test, or sometimes pentest, is a software attack on a computer system that looks for security weaknesses, potentially gaining access to the computer’s features and data.
-
How a Crisis Psychology Plan Can Support Your Recovery Programs
Why is it important to have a Crisis Psychology Program for after a Crisis or Disaster, with an “all hazards” approach? There are many reasons. Put simply, a crisis psychology program can provide the framework for the effective coordination of activities among management and the crisis teams who each play a role in the organization’s response.
-
Transcript From Webinar I Conducted ISO 27035 Security Incident Management
I recently conducted a Training Webinar on ISO 27035 Security Incident Response. This is a transcript from the class that I taught. Please excuse any transcription errors.
-
Great Reading List for Business Continuity and Disaster Recovery
View my list of recommended list of newsletters, magazines and websites on Business Continuity and Disaster Recovery.
-
Do Some Government Policies Unintentionally Create New Cyber Risk?
My posts have all been my original writing, but today is a summary of some thought provoking comments that I have found in my readings regarding government policies and cyber security.
-
Great Reading List for Cyber Awareness
I conducted a Webinar last week or 500 registered attendees, on the topic of preparing and mitigating risks related to Cyber Security. A number of the attendees requested a list of my preferred reading list. Please remember: Cyber Attackers read the same materials. This list will not help you be ahead of them in knowledge, but it is a list of resources to help you be more aware.
-
Gaps in Enterprise Risk Management Planning
An Enterprise Risk Management (ERM) program and processes should include all areas of enterprise risks and impacts that the entity may be exposed to. The risks weave back and forth affecting each other creating larger risks when viewed in a vacuum without looking at the 360 degree risk environment that can affect the organization.
-
Are You Really Fully Addressing Disaster Recovery?
Disaster Recovery is a very sensitive area that needs to be fully addressed in order to prevent things from escalating out of control. In the information age, data is widely regarded as the number one priority for an organization. Protecting sensitive data is a necessity if you plan on staying in business.