Information technology brings many benefits to a business, but it also brings risks. Knowing how to assess and manage those cyber risks is essential for success, as well as a a powerful hedge against many of the threats that your business faces, whether you are an established firm or a pioneering startup. In this recorded webinar I introduce the basics of risk analysis and the core concepts involved in assessing your organization’s cybersecurity.
During my research in preparation for this webinar I gathered together links to several free risk assessment resources you might want to check out, particularly if you are exploring this aspect of security for the first time.
- HHS Basics of Risk Analysis and Risk Management:
- NIST Guide for Conducting Risk Assessments
- 2015 ISACA and RSA Conference Survey
- CompTIA Security Assessment Wizard:
- HHS Security Risk Assessment Tool
- DHS Cyber Security Evaluation Tool
- CERT OCTAVE (Operationally Critical Threat Asset & Vulnerability Evaluation) Allegro Version
Of these, the OCTAVE Allegro methodology from CERT may be the most practical for smaller businesses or organizations that are beginning the risk assessment and management process.
So, I hope you find the webinar helpful. Feel free to leave a comment if you think I missed important stuff, or if you think I got things wrong (or right)..
Note: You may be asked to register to watch, but there is no charge, and you only have to register once to see a whole bunch of security webinars recorded by myself and my fellow researchers.
Author Stephen Cobb, ESET