risk management

Completing the Puzzle

In a previous blog I reviewed the real world pay back for being a risk leader.  Let’s say your company gets it, they know that good risk management increases the likelihood objectives will be fulfilled and profits improved, and now you’ve been given the assignment to start the risk management program to make your organization a…

Defining Your Cyber Risk Appetite

When a senior executive tells the board he or she wants to discuss the company’s risk appetite, usually the board’s interest is piqued. After all, understanding an organization’s risk appetite is critical to the decisions the board makes. So why should defining a company’s cyber risk appetite be so difficult? A CISO’s role is to…

Capture the Prize

Risk is the effect of uncertainty on objectives.  Managing risk well increases the certainty that objectives will be achieved.  Not surprisingly, organizations leading in risk management “capture the prize”.  According to a PWC Risk Review, organizations more frequently achieve their objectives, are more profitable and less likely to experience a negative profit margin than those…

The Business Value of RSA Archer

Implementing an effective governance, risk, and compliance program can be a costly and time-consuming effort: Hardware, software, and the active engagement of a lot of people in the first, second and third lines of defense.  Before implementing a program, and periodically throughout the life of the program, the question always arises from senior management: Is…

Resiliency and Risk Management

I’m glad the world didn’t end during DRJ Spring World 2017 conference as more than 1,000 of the world’s business continuity and disaster recovery specialists were there! It was a great conference and I had the pleasure of presenting on building resiliency across the organization’s value chain, and the key relationship between business resiliency and…

What do RSA Conference 2017 and my DVR have in common?

Another year, another RSA Conference. At this point, I have lost count of my appearances at this annual gathering of all things security – I believe it was number 15 or 16 for me. I say “appearances” because the days blur into such a steady stream of meetings, discussions and general sensory overload that at…

Stirring Up GRC Ghosts at RSA Charge 2016

We held RSA Charge 2016 in New Orleans, the week prior to Halloween, in the “most haunted city in America” – and what a phenomenal turnout! We were thrilled to have more 2,000 attendees register and join us in person to share best practices for GRC, security and business risk management.  The conference proved again…

Dude, Where Is My Archer Summit?

We have all had that moment walking out of the shopping mall or the airport.  Everyone knows the feeling when that rush of doubt takes hold of our brains.  We stand frozen and frantically wait for our cerebral cortex to do its thing and pluck that single memory out of our vast network of synapses……

Great Things Come in 3s – EMC (RSA) Positioned in Leader’s Quadrant in Three Gartner Magic Quadrants

We have all heard the adage that great things come in threes. Stooges. Pigs. Blind Mice. The list goes on and on. I have am very pleased to announce another thrilling combination of three – Gartner Magic Quadrants. EMC (RSA) has been positioned in the leader’s quadrant in three Gartner Magic Quadrants: Operational Risk Management,…

Announcing RSA Archer GRC 6.1

RSA Archer GRC 6 (6.0) was launched in November 2015 under the theme “Inspire Everyone to Own Risk.”  GRC 6 focused on providing organizations with an industry leading GRC platform to transform risk management by engaging everyone within an organization in the risk process. Today, organizations must implement the “three lines of defense,” making risk…