What Is Risk?

Apr 20, 2022 Lazarus Alliance 0 Comment

Part 1: Risk and Security in Modern Systems

“Risk “is a term gaining real traction in any industry where cybersecurity regulations impact businesses. Many frameworks and regulations are turning to risk management as a proactive and comprehensive approach to security management. This shift can mean big changes for enterprises that aren’t generally considering risk as part of their security profile.

This article is the first in a series of articles related to risk management as a challenge for modern businesses. Throughout this series, we will cover several topics related to risk management in modern business:

Why is risk management becoming the focus of cybersecurity?
Is abstract risk management detrimental to companies that would benefit from clearly-defined standards?
How does risk management apply to both enterprise and small businesses alike?
Is there a way to implement risk management with a standards-first approach?
Are their platforms, visualization tools, etc., that can change how we look at risk management?

What is ISO 31000?

Feb 24, 2022 Lazarus Alliance 0 Comment

Many enterprises are looking for ways to increase their security and to protect their interests. As the world of cybersecurity, legal risk and operational challenges become more and more complex, checklist compliance regulations just aren’t going to cut it. That’s why governments and private organizations are increasingly turning to risk management as a tool for security and compliance. That’s why ISO 31000, a standardization guide for risk management frameworks, is so important.

What Are Data Protection Impact Assessments in GDPR?

Jan 19, 2022 Lazarus Alliance 0 Comment

The General Data Protection Regulation (GDPR) has fundamentally changed how organizations do business in the European Union. It isn’t enough to undergo audits or meet arbitrary security requirements. Like many high-stakes security contexts, GDPR requires a company to dedicate significant time to maintaining data privacy, cybersecurity and consumer rights.

To help address high-risk data processing situations, GDPR may require your business to complete a Data Protection Impact Assessment or a DPIA. For many companies, these are not optional so we will cover the details in this article.