spot_img
HomeGRCInsights

GRCInsights

Business Strategy, Risk Management, Checking Boxes, and Adding Value

What drives our business decisions?So many questions. So many assumptions. So many interdependencies. So many perspectives to consider. What truly drives our strategy and...

The commonalities of cyber-risk between SMB, State/Local Government, and the organizations that support them

The field of cybersecurity is often considered a blend of highly technical engineering and a sort of dark magic. Collectively, we defend organizations in...

Managing software risk in the DevOps era

The cyber security attack on Solarwinds has been a bit of a wake-up call for security and risk professionals.  The Solarwinds Orion™ software was...

CMMC: Supply Chain Cyber Defense

It is 2030. If we look back to 2020 and 2021 we will find the roots of the U.S. Department of Defense (DoD) standard,...

Cyber Culture Eats Cyber Strategy for Breakfast

IT professionals around the world have some thorough and detailed frameworks and guidelines to use when it comes to developing a robust information security...

Why Is Phishing Awareness Training Important?

Security awareness training courses, while inherently valuable to any organization’s information security strategy, need practical support to be effective. In other words, just showing...

A DevOps platform fills a critical gap in vulnerability management

Vulnerability management has historically focused on network security. Security information and event management (SIEMs) were created to help users manage the plethora of vulnerability...

Getting Rid of Security Industry Fat – Technology that does nothing for you

We can all agree – due to the global pandemic, the world has changed. It acts differently, it works differently, and it produces differently....

3 (Not-So-)Simple Rules of Vulnerability Management

You would think in 2021 that keeping your computer systems and applications up-to-date and protected against attacks would be simple—turn on automatic updates for...

What’s your strategy?

If someone asked what your security organization’s strategy is this year, would you be able to talk to it?  Every organization should have a...

Hot Topics