Dr Richard Diston’s Post

Just a small, minor observation from the events of last week. Where the fuck was the 'risk management'? I don't just mean at Clownshite. I mean EVERYWHERE. Every year, Beasley and Branson release a report that demonstrates that organisations all over the world don't care about risk management. ERM isn't happening or isn't valued. Why do you think that is? Is it because they realise that it's all fantasy bullshit? All your heatmaps, loss distribution curves and finger-paintings are all utter nonsense. You know it. They know it. You might as well climb and ancient Greek mountain and ask a drugged teenage girl what the future holds. That is how all this started, right? I have been arguing for YEARS that we need to separate security practice from risk management. I have a rational argument for WHY. And for years, I have been ignored. My position is a little bit too 'real' and raw for most people. Yeah, the people who prefer to bullshit are afraid of people who learned and understood. How real and raw was life last week? Just asking. I guarantee you, nobody learned anything from it. Read this if you want an alternative to playing with dice and bullshitting. https://lnkd.in/ezHJC72q

Trust is a key component of our digital lives. It plays a role in our personal as well as in our business lives. Organizations need to know who they can trust before entering into a relationship with a vendor. At least, that’s how it should be. In practice, though, a lot of time is wasted on things like vendor risk management. The existence of vendor risk management and its accompanying forms in itself isn’t a bad thing, according to Stamos. However, thinking that potential problems with some kind of product or system that is based upon tens or hundreds of millions of lines of code are going to be solved by someone filling out some kind of spreadsheet is far from realistic. We could not agree more Alex Stamos, “Trust is the Foundation of any relationship and allows us to move forward”.. Thank you for your insights.. Michael Francis, Jack Lai, Trevor Van Essen, Jason Duerden, Wayne Phillips, Elissa McGrath TOM SHAW

Risks can no longer be evaluated in silos. Enterprise Risk Managers play a key role in identifying the interconnection between risks across different categories such as, Technology x Third party x Continuity x Reputation, and quantifying the collective impact on the business.

A 'routine' security update took out an estimated 9 million computers and is estimated to have cost $5.4bn in the US alone. Worth revisiting your risk management approach? 6-7 minute read. #riskmanagement #businessrisk #assurance #businessinterruption #risk

Join Critical Insight Tuesday, July 23, at 12:30 PM PT and 3:30 PM ET for a panel discussion on incident response readiness for critical infrastructure. What will be covered: The history of #supplychain attacks The methods for #managingrisk Key takeaways: Tools and techniques in #vendormanagement, incident response readiness, risk management practices, and ideas for identifying risk in critical supplies and suppliers. Registration link below 📨 #IR #incidentresponse #risk #infrastructure

I am thrilled to welcome you to the Mawumefa Kendeh blog, a dedicated space crafted with a singular passion: safeguarding data, systems, and, most importantly, people. My blog seeks to delve into the intricate landscape of information security, specifically within the domain of Security and Risk Management. Dissecting concepts related to Governance, Compliance, and Risk (GRC). This blog is not just another resource; it's a commitment to providing the information and insights I wish I had,  when I was  embarking on my own journey in information security. I will break down complex topics, making them easily digestible for all levels of expertise. Whether you're a seasoned professional or someone taking their first steps in the field, mawumefa.kendeh.com is your go-to destination for information security. We will also dive into the details of notable cybersecurity incidents that happened over the years, unraveling the entire lifecycle from breach to resolution. Learn practical lessons from each incident to strengthen your cybersecurity. Discover actionable strategies to prevent similar breaches and safeguard your digital assets. The digital landscape is constantly evolving, and so are the tactics employed by cybercriminals. At mawumefa.kendeh.com, I will  keep you in the loop about the latest hacking methods and emerging threats. By staying informed, you empower yourself to proactively safeguard your data and online accounts. I invite you to join our community of like-minded individuals who share a passion for safeguarding digital landscapes. Let's engage in meaningful discussions, share experiences, and collectively enhance our understanding of information security. Together, let's navigate the ever-evolving landscape of Security and Risk Management, empowering ourselves and others along the way. Stay secure, stay informed! Signed- The Information Security Sentinel Mawumefa #informationsecurity #Governance #Risk #Compliance

By embracing zero trust and data-driven cybersecurity, organizations can meet urgent needs to strengthen risk management and resilience.

By embracing zero trust and data-driven cybersecurity, organizations can meet urgent needs to strengthen risk management and resilience.

By embracing zero trust and data-driven cybersecurity, organizations can meet urgent needs to strengthen risk management and resilience.

By embracing zero trust and data-driven cybersecurity, organizations can meet urgent needs to strengthen risk management and resilience.