Education, Evaluation and Risk Management - Continuity Professionals Pulse

The chief information security officer (CISO) role explained

BMC

NOVEMBER 18, 2024

Responsibilities begin with setting the right criteria and mechanism to hire employees with knowledge and awareness of the security risks facing their daily work routine. This is achieved by establishing a robust crisis communication channel, disaster recovery and risk management system.

Security

Security Disaster Recovery Evaluation Cybersecurity

Business, Interrupted: Post-Pandemic Thinking Like a Risk Manager

Castellan

DECEMBER 13, 2021

That’s what we discussed in an episode of Castellan’s new podcast, Business, Interrupted , with Melanie Lucht, Associate Vice President and Chief Risk Officer at Carnegie Mellon University. At Carnegie Mellon, Lucht got a unique opportunity to lead its new enterprise risk management department with an emphasis on organizational resilience.

Pandemic

Pandemic Risk Management Management Business Continuity

Building a Campus-Wide Cybersecurity Culture: From Administration to Students

Reciprocity

MAY 15, 2025

Higher education institutions face unprecedented cybersecurity threats, with 97% experiencing breaches last year. This guide explores how to build a comprehensive security culture across campusfrom administration to studentswhile managing complex compliance requirements. The regulatory landscape compounds these challenges.

Cybersecurity

Cybersecurity Education Strategic Government

Governance 101: Why Separation of Duties is Non-Negotiable

LogisManager

MARCH 14, 2025

Where SoD is Essential in Risk Management Separation of Duties applies anywhere conflicts of interest or lack of oversight could lead to bad outcomes. In an Enterprise Risk Management (ERM) platform , that means: Risk Identification: The person flagging a risk shouldnt be the one approving it.

Government

Government Audit Mitigation Evaluation

AI Integration: A Strategic Asset for Chief Risk Officers

Solutions Review

OCTOBER 10, 2024

Reimagining Risk Management A robust risk management function has proven vital to an organization’s health and future, especially as companies adapt to the ever-changing business environment and intensified regulatory landscape. Risk management has evolved greatly from the days of purely judgment-based decisions.

Strategic

Strategic Risk Management Mitigation Disaster Recovery

The 6 Best Risk Management Courses on Coursera for 2023

Solutions Review

APRIL 24, 2023

The editors at Solutions Review have compiled this list of the best risk management courses on Coursera to consider if you’re looking to grow your skills. Risk management is an essential skill in the data protection space. The platform touts more than 77 million learners around the globe.

Risk Management

Risk Management Management Disaster Recovery Cybersecurity

What Is Enterprise Risk Management & Its Importance

Reciprocity

NOVEMBER 5, 2021

The modern corporate organization faces a host of risks that can affect operational efficiency and regulatory compliance. Simple awareness is not enough to stay ahead of these risks. You must find ways to manage, mitigate, accept, or transfer these risks. Here’s where enterprise risk management (ERM) comes in.

Risk Management

Risk Management Management Audit Strategic

Cybersecurity Leadership: The Complete Guide to Building and Leading an Effective Security Team

Pure Storage

OCTOBER 14, 2024

When employees across the organization are educated about the importance of security, they’re less likely to fall victim to phishing attacks or other social engineering schemes. Risk Management and Assessment Leaders must evaluate potential risks to the organization and prioritize resources to mitigate them.

Cybersecurity

Cybersecurity Security Evaluation Vulnerability

5 Steps to Implement Enterprise Risk Management (ERM)

Reciprocity

MARCH 28, 2022

Enterprise risk management is critical for business success. The fundamental components of ERM are evaluating significant risks and applying adequate responses. Factor analysis of information risk (FAIR) provides a common risk mitigation vocabulary to help you to address security practice weaknesses.

Risk Management

Risk Management Management Mitigation All-Hazards

5 Steps to Implement Enterprise Risk Management (ERM)

Reciprocity

AUGUST 18, 2022

Enterprise risk management (ERM) is critical for success in the modern business landscape. Your ERM program should encompass all aspects of risk management and response in all business processes, including cybersecurity, finance, human resources, risk management audit , privacy, compliance, and natural disasters.

Risk Management

Risk Management Management Mitigation Strategic

What is Vendor Risk Management (VRM)? The Definitive Guide

Reciprocity

MARCH 24, 2022

Vendor risk management (VRM), a part of vendor management, is the process of identifying, analyzing, monitoring, and mitigating the risks that third-party vendors might pose to your organization. Third-party risk management begins with due diligence before signing a contract, as with any risk management program.

Risk Management

Risk Management Management Audit Cybersecurity

A Guide to Completing an Internal Audit for Compliance Management

Reciprocity

DECEMBER 20, 2022

Regular internal audits help your organization to evaluate and improve the effectiveness of risk management, control, and governance processes. Compliance risks, however, are just one category of risk that internal auditors monitor to evaluate the effectiveness of your organization’s risk management process.

Audit

Audit Management Evaluation Activation

Risk Assessment vs Risk Analysis

Reciprocity

APRIL 4, 2022

Although people often use the words “assess” and “analyze” interchangeably, the terms are not synonymous in risk management. A risk assessment forms the backbone of your overall risk management plan. What Is a Risk Assessment? ” What is the Risk Analysis Process?

All-Hazards

All-Hazards Mitigation Risk Management Hazard

How to Develop a Risk Culture at Your Organization

Reciprocity

SEPTEMBER 12, 2024

Risk is inseparable from the modern business landscape – and therefore, every company needs an effective risk management program to identify, assess, manage, and mitigate risk. But another critical element to risk management binds all those other components together: risk culture.

Risk Management

Risk Management Evaluation Strategic Communications

NIST CSF 2.0: What It Is, Why It Matters, and What It Means for Your Data

Pure Storage

AUGUST 12, 2024

A new “Govern” function that elevates the core objectives of accountability and transparency and emphasizes integrating cybersecurity into overall enterprise risk management rather than treating it as a stand-alone concern. provides a comprehensive, flexible, and cost-effective approach to managing cybersecurity risk.

Cybersecurity

Cybersecurity Audit Evaluation Authentication

Six Top Practitioner-Focused Sessions at ISC West

Security Industry Association

MARCH 6, 2023

ISC West 2023 is coming up March 28-31 in Las Vegas, and the Security Industry Association (SIA) and ISC West recently revealed full conference details for the SIA Education@ISC West program , including keynote presentations from top luminaries and 65+ sessions on the most current business trends, technologies and industry developments.

Retail

Retail Education Consulting Cybersecurity

Security and Proptech: Market Drivers and Barriers to Growth

Security Industry Association

MARCH 9, 2023

The report evaluates proptech trends, market size and buying interests affiliated with security solutions in the security industry. The commercial real estate space can benefit from industry training to educate their team not only to be a more informed buyer, but also to be more engaged with the daily functions of their system(s).

Marketing

Marketing Security Technology Risk Management

How to Navigate the Cybersecurity Minefield of Remote Work

LogisManager

MARCH 19, 2024

It’s crucial for companies to continuously evaluate and improve their cybersecurity strategies to mitigate risks and comply with legal and regulatory requirements. What Cybersecurity Risks Do Remote Workers Face? The shift to remote work has introduced a spectrum of cybersecurity risks that organizations must navigate.

Cybersecurity

Cybersecurity Risk Management Mitigation Vulnerability

Storage and Data Protection News for the Week of April 28; Updates from Cobalt Iron, Datto, Pure Storage & More

Solutions Review

APRIL 28, 2023

The report comes after the analyst group evaluated 12 backup solutions on the basis of backup administration; backup capabilities; cyber-resilience; configuration, licensing, and pricing; recovery and restores; snapshot administration; and support. Read on for more.

Disaster Recovery

Disaster Recovery Backup Cyber Resilience High Availability

Data Protection Predictions from Experts for 2025

Solutions Review

DECEMBER 12, 2024

This heightened accountability is set to redefine service contracts and risk management strategies. In 2025, organizations must adopt advanced attack surface management strategies to gain visibility into their entire supplier networks to fully assess their exposure to cyberattacks.

Vulnerability

Vulnerability Cybersecurity Malware Audit

How to Navigate the Cybersecurity Minefield of Remote Work

LogisManager

MARCH 19, 2024

It’s crucial for companies to continuously evaluate and improve their cybersecurity strategies to mitigate risks and comply with legal and regulatory requirements. What Cybersecurity Risks Do Remote Workers Face? The shift to remote work has introduced a spectrum of cybersecurity risks that organizations must navigate.

Cybersecurity

Cybersecurity Risk Management Mitigation Vulnerability

IRM, ERM, and GRC: Is There a Difference?

Reciprocity

AUGUST 24, 2022

The various niches of risk management have become a veritable alphabet soup of acronyms. As a result, we now have: Enterprise risk management (ERM). Governance, risk management, and compliance (GRC). Integrated risk management (IRM). The advent of the digital age is partly to blame.

Risk Management

Risk Management Audit Insurance Insurance

How to Prevent Third-Party Vendor Data Breaches

Reciprocity

OCTOBER 7, 2024

It begins with a robust and responsive vendor risk management policy, which can be divided into several action areas. An audit evaluates how the organization executes against its security compliance framework, as well as its performance in previous audits. So how do organizations best prevent third-party vendor data breaches?

Audit

Audit Cybersecurity Evaluation Risk Management

The Difference Between Strategic and Operational Risk

Reciprocity

AUGUST 17, 2022

New technologies, increasing digitization, and evolving customer demands create risks that can disrupt operations, weaken cybersecurity, and harm the organization’s reputation or financial position – and above all, leave the organization unable to achieve its business objectives. Enterprise Risk Management (ERM).

Strategic

Strategic Risk Management Mitigation Evaluation

What Does a Compliance Management System Look Like?

Reciprocity

AUGUST 15, 2022

The OCC also cautioned against interest rate risks, operational risks (again, heightened because of COVID-19), increased cybersecurity risks, compliance risks related to the Bank Secrecy Act (BSA), consumer compliance issues, and fair lending as areas of concern. Senior Management. Effective risk management.

Management

Management Audit Banking Media

What is Zero Trust Architecture?

Pure Storage

MAY 2, 2024

Vendor risk management: Enterprises can extend zero trust principles to third-party vendor access, ensuring that even external entities are subject to the same stringent security controls as internal users. Assessing access controls: Evaluate areas where access is overly permissive and should be restricted.

Architecture

Architecture Authentication Audit Activation

Tips for Managing Third-Party Risk in Health Care

Reciprocity

SEPTEMBER 30, 2022

Third parties generate, manage, or hold this data, resulting in even more severe threats to healthcare organizations and their information security. This is why third-party risk management and healthcare data security are critical. What is Healthcare Vendor Risk Management? Notes on Vendor Access et. Access to PII.

Healthcare

Healthcare Management Vulnerability Risk Management

Data Privacy Officer Responsibilities

Solutions Review

JUNE 9, 2023

Conducting Privacy Impact Assessments (PIAs): Data Privacy Officers are tasked with conducting Privacy Impact Assessments (PIAs) to identify and assess privacy risks associated with new or existing data processing activities. They collaborate with legal teams to navigate complex legal frameworks and mitigate potential risks.

Impact Analysis

Impact Analysis Authorization Mitigation Education

How Small Issues Can Lead to Big Consequences

Business Resilience Decoded

MARCH 31, 2022

Episode 99: How Small Issues Can Lead to Big Consequences with Kevin Kupietz This episode is brought to you by Fusion Risk Management, Building a More Resilient World Together. Dr. Kevin Kupietz is the chairperson of the Elizabeth City State University (ECSU) Department of Aviation and Emergency Management.

Disaster Recovery

Disaster Recovery Emergency Response Emergency Response Sports

How Small Issues Can Lead to Big Consequences

Business Resilience Decoded

MARCH 31, 2022

Episode 99: How Small Issues Can Lead to Big Consequences with Kevin Kupietz This episode is brought to you by Fusion Risk Management, Building a More Resilient World Together. Dr. Kevin Kupietz is the chairperson of the Elizabeth City State University (ECSU) Department of Aviation and Emergency Management.

Disaster Recovery

Disaster Recovery Emergency Response Emergency Response Sports

How Small Issues Can Lead to Big Consequences

Business Resilience Decoded

MARCH 31, 2022

Episode 99: How Small Issues Can Lead to Big Consequences with Kevin Kupietz This episode is brought to you by Fusion Risk Management, Building a More Resilient World Together. Dr. Kevin Kupietz is the chairperson of the Elizabeth City State University (ECSU) Department of Aviation and Emergency Management.

Disaster Recovery

Disaster Recovery Emergency Response Emergency Response Sports

5 Metrics & KPIs You Should Be Tracking for Business Resilience

Business Resilience Decoded

OCTOBER 6, 2022

Episode 125: 5 Metrics & KPIs You Should Be Tracking for Business Resilience This episode is brought to you by Fusion Risk Management, Building a More Resilient World Together. Implementation: What are the common plan requirements that you are measuring or evaluating? Request a demo at [link] today!

Resilience

Resilience Disaster Recovery Sports Evaluation

5 Metrics & KPIs You Should Be Tracking for Business Resilience

Business Resilience Decoded

OCTOBER 6, 2022

Episode 125: 5 Metrics & KPIs You Should Be Tracking for Business Resilience This episode is brought to you by Fusion Risk Management, Building a More Resilient World Together. Implementation: What are the common plan requirements that you are measuring or evaluating? Training and education: Does your program have a curriculum?

Resilience

Resilience Disaster Recovery Sports Evaluation

SIA New Member Profile: Petrone Risk

Security Industry Association

AUGUST 3, 2023

New Security Industry Association (SIA) member Petrone Risk offers legal risk management and SAFETY Act consulting and specializes in emergency preparedness and the SAFETY Act. SIA spoke with John Petrone, senior managing director and founder of Petrone Risk, about the company, the security industry and working with SIA.

Accreditation

Accreditation Entertainment Risk Management Sports

Information Security vs. Cybersecurity: Main Differences

Reciprocity

APRIL 4, 2022

On the contrary, they have several critical differences that security professionals should understand, if you want to deliver the best protection and risk management possible to your organization. Stakeholder awareness and education. They’re not. Cybersecurity strategies are comprehensive, including: Network security.

Cybersecurity

Cybersecurity Security Internet Malware

Important KPIs for Successful Vendor Management

Reciprocity

AUGUST 24, 2022

Every risk management program should include risks posed by your vendors. Beware, however: vendor risk management is a complex process unto itself, requiring ongoing monitoring and measurement. What Are Vendor Risk Management Metrics? What Are the Most Common Vendor Risks? Cybersecurity.

Management

Management Risk Management Cybersecurity Strategic

What to Expect in Business Continuity Employment for the Last Half of 2021

Castellan

JUNE 2, 2021

Among the top path leading respondents to business continuity are: Management: 21% IT-Operations: 18% Program management: 18% Operations: 17% Business process improvement: 16% IT-Systems: 16% Risk management-operational: 14% Business analyst: 14% Administrative: 13% Consultant: 13%. Requesting More Resources.

Business Continuity

Business Continuity Pandemic BCM Crisis Management

Why Buying SaaS GRC Software Is a Smart Investment

Reciprocity

OCTOBER 1, 2022

As organizations and businesses around the world and across industries migrate their IT to the cloud, C-suites are faced with a new dilemma for governance, risk management and compliance (GRC) solutions: cloud versus on-premise software. That’s time and money that might be better spent elsewhere.

Government

Government Internet Risk Management Cloud Computing

Details Revealed for 2022 SIA New Products and Solutions (NPS) Awards at ISC West

Security Industry Association

DECEMBER 16, 2021

Each year, the SIA NPS judges dedicate significant time and consideration to carefully evaluating the submissions and selecting honorees from a pool of high-quality entries, signaling the best and most innovative products, solutions and services on the market today.”.

Marketing

Marketing Asset Management Security Communications

Successfully Navigating Identity Management Strategies

Risk Management Monitor

JUNE 11, 2021

Data security spans two areas of organizational risk: unauthorized data use and privacy issues associated with authorized data processes. When evaluating an identity management strategy, it is imperative to start at a high level, which includes data access governance to limit access and meaningfully reduce the risk of loss or theft.

Management

Management Authorization Outsourcing Government

What is Zero Trust Architecture?

Pure Storage

OCTOBER 23, 2023

Vendor risk management: Enterprises can extend zero trust principles to third-party vendor access, ensuring that even external entities are subject to the same stringent security controls as internal users. Assessing access controls: Evaluate areas where access is overly permissive and should be restricted.

Architecture

Architecture Authentication Audit Activation

33 Data Privacy Week Comments from Industry Experts in 2023

Solutions Review

JANUARY 25, 2023

New systems will be a collection of smaller applications working harmoniously for better risk management and future outlook. The number one issue when it comes to data privacy is the lack of education and guidance for an organization’s team. Gone are the days when we implemented large ERP-like systems.

Backup

Backup Government Application Security

5 Metrics & KPIs You Should Be Tracking for Business Resilience

Business Resilience Decoded

OCTOBER 6, 2022

Episode 125: 5 Metrics & KPIs You Should Be Tracking for Business Resilience This episode is brought to you by Fusion Risk Management, Building a More Resilient World Together. Implementation: What are the common plan requirements that you are measuring or evaluating? Request a demo at [link] today!

Resilience

Resilience Disaster Recovery Sports Evaluation

Business Continuity is NOT a Data Backup

Stratogrid Advisory

JULY 6, 2019

Many business management disciplines, including Business Continuity Management (BCM) and Operational Risk Management (ORM), contribute to continuous improvement and safeguards of the organization’s resources and strategic goals.

Business Continuity

Business Continuity Backup BCM Disaster Recovery

The chief information security officer (CISO) role explained

Business, Interrupted: Post-Pandemic Thinking Like a Risk Manager

Trending Sources

Building a Campus-Wide Cybersecurity Culture: From Administration to Students

Governance 101: Why Separation of Duties is Non-Negotiable

AI Integration: A Strategic Asset for Chief Risk Officers

The 6 Best Risk Management Courses on Coursera for 2023

What Is Enterprise Risk Management & Its Importance

Cybersecurity Leadership: The Complete Guide to Building and Leading an Effective Security Team

5 Steps to Implement Enterprise Risk Management (ERM)

5 Steps to Implement Enterprise Risk Management (ERM)

What is Vendor Risk Management (VRM)? The Definitive Guide

A Guide to Completing an Internal Audit for Compliance Management

Risk Assessment vs Risk Analysis

How to Develop a Risk Culture at Your Organization

NIST CSF 2.0: What It Is, Why It Matters, and What It Means for Your Data

Six Top Practitioner-Focused Sessions at ISC West

Security and Proptech: Market Drivers and Barriers to Growth

How to Navigate the Cybersecurity Minefield of Remote Work

Storage and Data Protection News for the Week of April 28; Updates from Cobalt Iron, Datto, Pure Storage & More

Data Protection Predictions from Experts for 2025

How to Navigate the Cybersecurity Minefield of Remote Work

IRM, ERM, and GRC: Is There a Difference?

How to Prevent Third-Party Vendor Data Breaches

The Difference Between Strategic and Operational Risk

What Does a Compliance Management System Look Like?

What is Zero Trust Architecture?

Tips for Managing Third-Party Risk in Health Care

Data Privacy Officer Responsibilities

How Small Issues Can Lead to Big Consequences

How Small Issues Can Lead to Big Consequences

How Small Issues Can Lead to Big Consequences

5 Metrics & KPIs You Should Be Tracking for Business Resilience

5 Metrics & KPIs You Should Be Tracking for Business Resilience

SIA New Member Profile: Petrone Risk

Information Security vs. Cybersecurity: Main Differences

Important KPIs for Successful Vendor Management

What to Expect in Business Continuity Employment for the Last Half of 2021

Why Buying SaaS GRC Software Is a Smart Investment

Details Revealed for 2022 SIA New Products and Solutions (NPS) Awards at ISC West

Successfully Navigating Identity Management Strategies

What is Zero Trust Architecture?

33 Data Privacy Week Comments from Industry Experts in 2023

5 Metrics & KPIs You Should Be Tracking for Business Resilience

Business Continuity is NOT a Data Backup

Stay Connected