Tag Archives: risk management

Cyber Insurance Carriers Are Insuring the Wrong Thing

By Chris Cronin

Cyber security insurance is rapidly becoming a staple for cyber security risk management. Organizations are increasingly transferring cyber security risk to insurance carriers who will cover costs that result from a cybersecurity breach.

4 Reasons Why Third-Party Risk Management (TPRM) Should Be Reviewed

As people “Stay at Home” and work remotely during the COVID-19 pandemic, organizations have an increased reliance on external partners, suppliers, and third-party vendors to keep their businesses running. For some companies, this may be the first time their employees have worked outside of their office, without the benefit of established cyber security policies for […]

RIMS 2020 – Risk Management Conference

HALOCK partner and The DoCRA Council Board Chair, Chris Cronin, will be speaking at RIMS 2020. RIMS is the Risk Management Society’s annual conference, where the risk community gathers to generate ideas and learn the latest strategies in risk management. This is the largest risk event of the year for a reason. UPDATE: RIMS has […]

Cyber Risk Management (or How to Comply with Everything)

Developing cyber security and privacy policies and procedures to comply with applicable regulations is only the first step in securing your data and preventing a breach and risk management. This panel will discuss how organizations of all sizes can develop a cyber risk management approach that will enable them to develop a comprehensive, robust, resilient, […]

REDUCING RISKS THROUGH COMPENSATION: HOW TO INSTITUTIONALIZE RISK MANAGEMENT IN EMPLOYEE INCENTIVE COMPENSATION PLANS

Has your organization been struggling to achieve its compliance goals? Whether your organization is new to risk management or you’ve been struggling with compliance for some time, making compliance a part of every employee’s compensation plan is a smart strategy. This can get everyone in your organization thinking about information security […]

HOW TO FIND THE RIGHT QSA

Author: Todd Becker, PCI QSA, ISO 27001 Auditor

If you are a Level 1 or Level 2 merchant, complying with the Payment Card Industry Data Security Standard (PCI DSS) continues to get more complicated. The stakes have never been higher for large organizations that process payments. With major data breaches constantly in the headlines like Target, […]

PREPARING FOR YOUR DATA BREACH

Author: Chris Cronin, ISO 27001 Auditor

Most InfoSec professionals don’t want to think about becoming the next victim of a major data breach to make the headlines. And yet when faced with another major data breach it is a time when Executive Management and security teams reflect on their own insecurities. […]

Lessons in Risk Management: What We Should Learn from the FAA Fire

Author: Chris Cronin, ISO 27001 Auditor

Too often in information security we focus on the confidentiality of personal information, ignoring the damage that can result from failures in integrity and availability. In fact, this is the main driver of much of our information security spending in the U.S. But the proper function of information and communications […]