What Is a Risk Appetite Statement?

May 11, 2022 Lazarus Alliance 0 Comment

Over the past few weeks, we’ve talked quite a bit about risk:

What it is.
How it applies to compliance.
How you can start to think about it as an aspect of your overall business strategy.

In many of the cases we’ve discussed, we’ve referred to risk in terms of mitigation–how to close the gap between your security capabilities and potential threats in the wild.

But what’s critical to understand about risk is that it is just as much about how much risk you want to take on as you want to remove. And, when discussing potential risks concerning business goals, you must consider your risk appetite statement.

Why Consider Standards-Based Risk Management?

Apr 27, 2022 Lazarus Alliance 0 Comment

We’ve previously discussed the importance of risk management, and the challenges that come from approaching risk through large-scale frameworks. According to an abstract framework, many organizations aren’t necessarily equipped to mobilize far-ranging risk assessments.

Here, we’ll discuss a compromise to combine the best of both worlds: standards-based risk management.

What Are the Problems with Risk Management?

Apr 20, 2022 Lazarus Alliance 0 Comment

In our previous article, we discussed the concept of risk management–what it is and why it’s important.

However, risk management in cybersecurity isn’t new, and many organizations are working towards normalizing risk as an approach for comprehensive cybersecurity and compliance efforts.

While this move is a good one, we also find that many organizations will over-rely on frameworks as an end-all, be-all approach to security, which can prove more confusing than helpful.