MetricStream Global Survey Reveals Chasm Between IT Cyber Risk Management Strategy and Actual Practice
Survey Shows IT Risk Management Elevated to the Executive Level, However Most Organizations Still Use Spreadsheets to Manage Risk and Compliance
News provided by
Share this article
Share this article
SAN JOSE, Calif., Feb. 9, 2021 /PRNewswire/ MetricStream, the market leader in governance, risk, and compliance (GRC), and integrated risk management products and solutions, today unveiled the results of their global IT Risk and Compliance Survey, in which enterprise security and risk professionals from around the world addressed top IT cyber risk concerns for 2021. Key findings show despite risk management taking center stage at the executive level, most organizations still rely on spreadsheets to manage IT risks.
[author: Josh Reid]
In today’s business landscape, it is nearly impossible to work alone. You have to collaborate with clients, vendors, suppliers, specialists, and plenty of other partners all considered third parties to your organization. As a result, partner organizations have access to
sensitive and confidential data about your company and your customers, or they support a critical business process. Your organization needs to understand and manage the risk exposure that these third parties present.
Traditionally, security teams have tried to understand ongoing third-party risk by using annual security assessments. However, this method poses several challenges to security teams.
Thompson Coburn LLP
Christine advocates for clients in disputes against the federal government in fraud investigations, challenging federal regulations, and administrative proceedings and advises on FAR, DFARS, cybersecurity, and supply chain risks in government contracts.
Christine defends organizations in litigation against federal and state agencies or prime- or subcontractors, and fights for companies disputing regulations that harm their business. With years of experience writing persuasive motions and pleadings, preparing appeals, negotiating settlements, arguing hearings, taking and defending depositions, and planning and leading discovery in complex cases, she builds cases and strategizes the best results for her clients.
Shawn Malone Security Diligence, LLC
Last month there was a cyber-attack suspected to have been perpetrated by Russian hackers. The attack was traced back to third party – a network management software vendor, SolarWinds. Among its 300,000 customers, SolarWinds believes 18,000 customers may have been affected by the attack, including multiple U.S. government agencies and prominent technology vendors and service providers.
This attack is a stark reminder of how third and fourth parties pose information security risks to your organization. Join this session to hear experts deconstruct the SolarWinds hack and learn ways to proactively mitigate and manage similar risks facing your organization.
What you’ll learn:
Third-Party Cyber Risks in the Financial Industry
Was added to your briefcase
Samoa
Password must have a minimum of 6 characters
Email Newsletters
Already have an
Complete your profile and stay up to date
Title Level
eCommerce / eBusiness
Samoa Keep me signed in
Create an ISMG account now
Submit × Close
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.