Tag: cyber risk management

Risk management is broken: why savvy professionals move beyond ERM

Posted in Hot, RAW, Risk managementLeave a comment

What if everything your organization calls “risk management” is actually making you poorer and more vulnerable? While companies worldwide pour billions into risk registers, ERM frameworks, and risk committees, they’re missing the most profound opportunity in modern business: transforming risk management from a cost center into a profit engine that could slash expenses and generate… Continue reading Risk management is broken: why savvy professionals move beyond ERM

3 steps to make FAIR methodology so much better and avoid common pitfals

Posted in Risk management5 Comments

First, kudos to the FAIR team for nudging the IT community towards better risk analysis. I was first introduced to FAIR methodology approximately 2 years ago at the Copenhagen risk management conference. The timing was quite fortunate since we just finished a project quantifying intellectual property risks for a major telecom client in Russia. We… Continue reading 3 steps to make FAIR methodology so much better and avoid common pitfals