Thinking through Uncertainty: CFOs Scrutinize Non-Financial Risk
By: IBM Line of Business View more from IBM Line of Business >>
Download this next:
12 top enterprise risk management trends in 2023
By: TechTarget ComputerWeekly.com
Type: eGuide
Enterprise risk management has taken center stage as organizations grapple with the lingering effects of the COVID-19 pandemic, the threat of a recession and the rapid pace of change.
Executives recognize that stronger ERM programs are required to remain competitive in this new era. One aspect of the current risk landscape that companies must contend with is the connectivity of risks.
Businesses are increasingly more interconnected to partners, vendors and suppliers across global markets. As a result, the impact, for example, of a local natural disaster, the ongoing war in the Ukraine or high interest rates can cascade across an entire global supply chain.
Here are 12 security and risk management trends that are reshaping the risk landscape and influencing business continuity planning.
These are also closely related to: "Thinking through Uncertainty: CFOs Scrutinize Non-Financial Risk"
-
Infographic: Top 12 risk management skills
By: TechTarget ComputerWeekly.com
Type: Infographic
Risk management is a must for anyone who aspires to be a leader or manager. There is risk to be addressed at all business levels, and if a leader is unable to manage risk, their upward mobility will disappear.
Being a capable risk manager requires awareness and knowledge to uncover potential risks and present them to people best suited to solve the problem. A risk manager doesn't necessarily have to make the fix -- they just need to bring it to the person who can.
-
Royal Holloway: Lessons on catastrophe - differences and similarities between cyber and other forms of risk
By: TechTarget ComputerWeekly.com
Type: Resource
The field of cyber insurance is still in its infancy but has already shown significant growth, with plenty of evidence for further expansion. However, a lack of past information and some idiosyncrasies make pricing difficult, as well as potentially amplifying risk exposure.
This article summarises high level findings from a practical model that could be used in lieu of actuarial data. The model may be refined in the future as historic datasets become available. This practical model shows that cyber insurance risks pose significantly elevated likelihood and impact when compared with other forms of risk which are more independent. Higher premiums will be a natural consequence to insulate from the associated downside.
There are therefore strong incentives for insureds to improve event independence, for example through hardening. Insurers, on the other hand, can protect themselves from extreme events by rejecting certain risks with cover limits, as they do already, or they may choose to transfer the more extreme risks via commercial.
Find more content like what you just read:
-
Insuring the uninsurable: Is cyber insurance worth its salt?
By: TechTarget ComputerWeekly.com
Type: Research Content
This article in our Royal Holloway Information Security Thesis series discusses the risks and benefits of cyber insurance and outlines steps businesses can take to make better informed risk mitigation decisions.
-
A Computer Weekly buyer's guide to managing paper processes
By: TechTarget ComputerWeekly.com
Type: eGuide
Modern paper processes are ripping up the rule book. In this 13-page buyer's guide, Computer Weekly looks at risk mitigation, security measures for connected printers and the shift towards end-to-end digitisation.
-
Traditional vs. enterprise risk management: How do they differ?
By: TechTarget ComputerWeekly.com
Type: eGuide
Businesses understand they cannot exist in a risk-free environment. How to manage the risks they face depends on many variables, including the industry the business is in and its size. In this e-guide, we compare traditional risk management and enterprise risk management and outline the important differences between the two.
-
CW ANZ, July 2020: Expert Advice on Security
By: TechTarget ComputerWeekly.com
Type: Ezine
In this handbook, Computer Weekly looks at how organisations in Australia and New Zealand can better protect themselves against evolving cyber threats.
-
MicroScope - July-August 2024: Is it worth taking a risk?
By: MicroScope
Type: Ezine
In this issue, we take a closer look at the channel's approach to risk, with experts weighing in on with their approach to playing it safe versus taking steps towards innovation. Also read up on why the time is now to learn about AI-capable PCuse cases, as well as why the human factor should not be underestimated when it comes to AI
-
Focus: how to avoid being hit by ransomware
By: TechTarget ComputerWeekly.com
Type: eGuide
In this special report, we analyse the risks of ransomware and provide the latest best practice advice on how to protect your organisation from this fast-growing form of malicious software.
-
Risk management is the beating heart of your cyber strategy
By: TechTarget ComputerWeekly.com
Type: eBook
In this E-Guide we will explore four separate aspects of this wide-ranging topic area, beginning with a look ahead at some of the most impactful and significant data privacy trends likely to affect your risk and compliance strategy during 2022.
-
Global Risks Report 2017
By: TechTarget ComputerWeekly.com
Type: Essential Guide
Society is not keeping pace with technological change, with artificial intelligence and robotics offering the greatest benefits but also the greatest negative effects, this report from the World Economic Forum reveals
-
Building a Secure Financial Services Platform with Kubernetes
By: Cisco
Type: eBook
Secure your financial services platform with advanced networking, security, and observability features. Learn how Cilium and Tetragon can help you reduce risk, maintain compliance, and build a future-proof infrastructure. Read the full Product Overview.
-
Top IT security priorities: Addressing risk management and compliance
By: Dell Software
Type: eGuide
In this expert e-guide, we explore the issues of IT risk management and compliance. You'll learn about best practices for audits, the role log reviews play in monitoring IT security, how to build authentication into access management systems, and more.
-
A Computer Weekly buyer's guide to compliance, risk and governance
By: TechTarget ComputerWeekly.com
Type: eGuide
Managing data compliance and security has emerged as an integral business consideration. In this 15-page buyer's guide, Computer Weekly looks at the rise of integrated risk management, security risks in the age of digitisation and how to manage an integrated approach
-
GRC Implementation Guide
By: Vanta
Type: eGuide
This white paper explores implementing a comprehensive GRC (Governance, Risk, and Compliance) strategy to secure your organization. It covers key components to know and provides a step-by-step roadmap for successful GRC implementation. Read the full white paper to build a scalable, resilient security program.
-
Royal Holloway: Driverless vehicle security for military applications
By: TechTarget ComputerWeekly.com
Type: Research Content
Existing attacks and risk assessment frameworks within civilian autonomous vehicles (AVs) can be used to review security of military AVs deployed for logistics purposes in a desert warzone environment.
-
Five key reasons to prioritize responsible AI
By: Unisys
Type: Blog
Responsible AI is critical for business success in the age of AI. In this blog post, you'll learn five key reasons why, including minimizing risks, satisfying regulations, and enabling innovation. Read the full blog post now to discover how prioritizing responsible AI practices can benefit your organization.
-
TCFD: New Publications on Risk Management and Climate Scenarios
By:
Type: Talk
With pressure to address climate change continuing to build, there is a growing need for updated and improved guidance on how investors and companies can manage risks and better position themselves for the energy transition. To help meet this, the Financial Stability Board’s Taskforce on Climate-related Financial Disclosures has significantly increased its output in 2020. This has included new technical guidance on the climate scenario analysis and risk management recommendation. The PRI is delighted to host this webinar and provide a chance for signatories to hear directly from the authors of these publications, their key findings and updated practical guidance on how to implement the Taskforce’s recommendations. Speakers include: - Martin Skancke, Chair PRI, TCFD Taskforce member - Martin Weymann Head Sustainability, Emerging & Political Risk Management, Group Risk Management, Swiss Re, TCFD Taskforce member - Jeff Stehm, Secretariat, Task Force on Climate-Related Financial Disclosures
-
Today’s tech that’s changing the financial audit foundation
By: Oversight Systems
Type: Product Overview
For many, organizations will support finance transformation efforts by leveraging technology and AI to significantly reduce labor costs while improving the speed, accuracy, and action-ability of spend audit processes. However, while this strategy is effective, it isn’t always that simple. Browse this white paper to learn more.
-
Improved Visibility Reduces Compliance Risk In Financial Services
By: Akamai Technologies
Type: Forrester Research Report
Lack of visibility into users, assets, and applications leaves financial institutions vulnerable to compliance risks and material impact events. Engage trusted vendors with comprehensive security solutions to improve visibility and mitigate risks. Read the full Forrester Research report to learn more.
-
Industry Report: Business Benefits for Banks Investing in Resiliency
By: Splunk
Type: Analyst Report
Download this IDC industry spotlight to learn what the experts are saying about financial services resilience as well as comprehensive security, observability, and data solutions tailored for the financial sector.
-
Threat management: Essential guide
By: TechTarget ComputerWeekly.com
Type: eGuide
Security is about reducing risk, while assessing risk is all about understanding the cyber threats facing the enterprise, which in turn is about recognising that not all threats are external and that threat intelligence is a key element of threat management.
-
Reduce Financial Crime and Fraud in Financial Services
By: Splunk
Type: White Paper
The Splunk Fraud and Crime Outcome Brief details how financial institutions can leverage Splunk's advanced data aggregation and machine learning capabilities to detect, investigate, and respond to financial fraud and crime.
-
CISSP Exam Guide: Chapter 1: Security and Risk Management
By: McGraw Hill
Type: White Paper
In this 174-page chapter download from McGraw Hill, learn everything you need to know about the first domain, security and risk management, to help you excel at your CISSP exam.
-
A Deep Dive into Cyber Risk Quantification for Board Reporting
By:
Type: Talk
Being prepared to discuss security with the board is the first step toward aligning priorities, securing budget, and building trust. To effectively communicate with CEOs and board members requires risk and ROI to be financially quantified. Join SecurityScorecard’s Maya Kano (Solutions Architect) and Gian Calvesbert (Senior Product Marketing Manager) in this deep dive into Cyber Risk Quantification for board reporting. Learn how to : - Incorporate cyber risk quantification into board reports - Evaluate the financial impact of cyber risk - Determine the ROI of cybersecurity investment options In this presentation and demo, we will cover all aspects of the platform you will need to know to translate cyber risk into financial risk and package that information for your business stakeholders.
-
Can AI be secure? Experts discuss emerging threats and AI safety
By: TechTarget ComputerWeekly.com
Type: eGuide
While adoption of artificial intelligence (AI) is offering unprecedented opportunities, the technology also presents complex security risks. Here's what cyber security experts are saying about the best ways to address the security challenges posed by AI.
-
Step-by-step disaster recovery planning guide
By: TechTarget ComputerWeekly.com
Type: eBook
IT disaster recovery is a fundamental task for all organisations. Reasons range from legal and regulatory compliance to the ability to function after an outage. In this e-guide we outline in detail the key steps of disaster recovery planning.
-
TCFD: New Publications on Risk Management and Climate Scenarios
By:
Type: Talk
With pressure to address climate change continuing to build, there is a growing need for updated and improved guidance on how investors and companies can manage risks and better position themselves for the energy transition. To help meet this, the Financial Stability Board’s Taskforce on Climate-related Financial Disclosures has significantly increased its output in 2020. This has included new technical guidance on the climate scenario analysis and risk management recommendation. The PRI is delighted to host this webinar and provide a chance for signatories to hear directly from the authors of these publications, their key findings and updated practical guidance on how to implement the Taskforce’s recommendations. Speakers include: - Martin Skancke, Chair PRI, TCFD Taskforce member - Martin Weymann Head Sustainability, Emerging & Political Risk Management, Group Risk Management, Swiss Re, TCFD Taskforce member - Wim Bartels, Partner, Corporate Reporting KPMG, TCFD Taskforce member
-
Financial Services Regulatory Compliance
By: Akamai Technologies
Type: White Paper
Akamai’s new e-book, Financial Services Regulatory Compliance: 5 Key Business Objectives, explores the critical strategies for financial institutions to navigate complex regulatory landscapes. Discover actionable insights to meet evolving regulations and safeguard your business against financial and reputational risks.
-
The CCM for Financial Services
By:
Type: Video
In this panel, we'll discuss the cloud security governance, compliance and supply chain risk challenges in this Financial Sector. We'll introduce the missions and goals of the European Cloud User Coalition (ECUC), a leading organization in the Europen Financial sector of the Cyber Risk Institute, and discuss how the collaboration with the Cloud Security Alliance might help the financial sector address the above-mentioned challenges. The panellists will discuss the role of CCM in supporting FIs in their cloud journey and the possible extension of the framework so as to better satisfy the specific need of global financial service institutions.
-
New privacy laws are coming, first stop California
By: TechTarget
Type: Resource
The SolarWinds Orion attacks made victims of government agencies overnight – and without proper protection, your organization could be at risk, too. Download this guide to learn about supply chain attacks, what CISOs are doing to prevent them and detailed instructions on how to prevent bad actors from tampering with your supply chain.
-
The Cloud Influence on GRC
By: TechTarget Security
Type: eBook
Cloud computing risk management, governance and compliance processes are evolving as organizations increasing turn to hosted services. Learn how in our SearchCompliance handbook.
-
Beyond Your Walls: Third-Party Risk in Financial Services
By: LogicGate
Type: Replay
Join us in the latest episode of GRC & Me as host Meghan Maneval and Michael Rasmussen, GRC Analyst & Pundit at GRC 20/20 Research, discuss vendor risk management and the differences between third, fourth, and fifth-party risks. They discuss: • Essential regulations and standards in the financial and banking sectors, highlighting how they vary • Best practices for effectively building, managing, and staying current with a comprehensive vendor risk management program • The role of automation and AI in enhancing vendor risk programs, as well as their limitations • 2025 regulatory predictions and their potential impact on vendor risk strategies in the financial services
-
Cloud Escrow: Ensuring Business Continuity - A Release Event Study
By: NCC Group
Type: Case Study
This case study shows how a financial institution used Escode's Escrow as a Service (EaaS) to ensure access to a cloud-hosted platform if the supplier fails. The release process enabled seamless in-house platform maintenance, avoiding disruption. Discover how an escrow solution can protect your cloud applications.
-
We need to talk about biodiversity | Are Corporates Ready?
By:
Type: Talk
This roundtable webinar will examine whether companies are ready and well-positioned for reporting and disclosing on nature-related risks and opportunities. The webinar is focused on financial institutions as report users, but is also relevant for a corporate and an NGO audience. Based on recent publications from UNEP FI, UNEP-WCMC and WBCSD on corporate readiness for action towards nature, the discussion will focus on the current landscape for reporting and disclosure by corporates, in the context of the development of the Taskforce on Nature-Related Financial Risks (TNFD) disclosure framework. Nature loss poses risks for business now and in the future but tackling nature loss also presents considerable opportunities. Financial institutions and corporates are still missing information needed to understand how nature affects immediate financial performance, or the longer-term financial risks that may arise from the organisation’s interactions with nature. Better information will play a key role in allowing financial institutions and companies to incorporate nature-related risks and opportunities into their strategic planning, risk management and asset allocation decisions. Awareness of and action related to financial risks from nature loss have been growing in recent years and have led to the development of frameworks or standards that are expected to generate more systematic information on nature-related impacts and dependencies, and at scale. UNEP FI, UNEP-WCMC and WBCSD have carried out research on the readiness of corporates for such reporting and disclosure standards, in particular for the disclosure framework being developed by TNFD. They will discuss the results of their research with representatives from business and financial institutions, identifying the potential for uptake of future reporting and disclosure requirements.
-
CW Europe - September-November 2020: IT expertise in banks' boardrooms reduces risk, says European regulator
By: TechTarget ComputerWeekly.com
Type: Ezine
The European Central Bank has found that banks with the most IT expertise in the boardroom have better control in several IT risk categories, including fewer successful cyber attacks and less downtime of critical IT systems.
-
Masterclass: Quantifying the Financial Impact of Cyber Risk
By:
Type: Replay
Being exposed to cyber risk is an inevitable part of doing business in today’s world. Building and maintaining a strong cybersecurity program requires constant vigilance, making the process of measuring performance over time quite challenging: What measurement standard should you strive for, and why? And how does your performance impact your organization’s financial exposure to cyber risk? BitSight Financial Quantification for Enterprise Cyber Risk is a turnkey solution that provides a quick, efficient, and repeatable assessment of an organization’s financial exposure to cyber risk. Organized into business impact scenarios such as ransomware, business interruption, etc., the analysis provides security leaders with relevant insights to properly assess and rank the financial impact on the business to facilitate organizational decision-making. By adding financial details about cyber risk and how it impacts the business, leaders can more effectively determine, according to the organization’s risk appetite, if they are willing to accept, mitigate, or transfer cyber risk via cyber insurance. Join us for this educational webinar to learn how BitSight and Financial Quantification can help you: • Drive accountability across your extended organization by establishing uniform performance targets as an integral part of your cybersecurity governance program. • Establish cyber risk financial exposure thresholds to measure the effectiveness of your program policies. • Continuously assess the effectiveness of your security controls and remediate any gaps according to best practices frameworks. • Instill confidence in your cybersecurity program performance by communicating easy-to-understand program KPIs to your Board of Directors and other key stakeholders.
-
The state of cloud data security in 2023 - new research insights
By: Palo Alto Networks
Type: Research Content
This research report analyzes over 13 billion files to reveal where sensitive data resides in the cloud, who has access to it, and how it flows between services. Learn how to improve cloud data security and compliance by reading the full report.
-
ESG Webinar: Physical climate risk
By:
Type: Talk
As the real-world impacts of climate change become more apparent – such as increased flooding, extreme heat, and more chaotic weather - attention is being directed to the risk this poses to companies, investors, and the economy. As it stands, the world is not on track to achieve the Paris Agreement goals and it is obvious that the impact of current warming is already driving real-world damage. In this talk we will discuss what more investors can do to adequately judge and understand climate-risks, and we will try to dispel the often-held perception that financial climate risks are only a “future”- and not a “now” – problem. To do this we will delve into the basics of climate science and how improved scientific understanding will help us better form judgments on the financial risks, we will also discuss the limitations of current climate/economic modelling and draw on examples from the insurance sector to understand where risks (and opportunities) may lie.
-
Physically fit? Disclosing physical climate risks in line with the TCFD recs
By:
Type: Talk
How can financial institutions better disclose climate-related physical risks in line with the TCFD recommendations? In this webinar, UNEP FI and the World Resources Institute (WRI) will provide insights into the current state of physical climate-related risks disclosures and high-level guidance for financial institutions reporting on physical risks in line with the TCFD recommendations. Speakers: - Paul Smith, Senior Climate Consultant, UNEP FI - Lihuan Zhou, Associate, Sustainable Investing Initiative, World Resources Institute - Bouke de Vries, Advisor to the Board on Public Affairs, Rabobank and Chair of Working Group Sustainable Finance, European Association of Cooperative Banks - David Goldsworthy, Senior Group Risk Manager, Credit and Climate Risk, Standard Bank
-
Quantifying Cyber Risk to Enable Business Growth
By:
Type: Video
Cyber risk is not just a security issue, it's a business issue. As a result, it's rightfully become an executive level discussion topic. That said, security teams often need help articulating risks in business and financial terms required to gain the attention of CEO and Boards. Translating cyber-risk into financial risk creates a meeting of the top minds that accelerates business decision-making. Proving the effectiveness of a security program and justifying the budget in this way makes CISOs look like champions. Moreover, alignment of security leaders and top business stakeholders maximizes resources and sets expectations for how an effective security posture can enable business growth by building trust and defending against costly cyberattacks. In this presentation, you will learn: - Why traditional risk quantification methods are not working for cyber risk - Use cases for cyber risk quantification - How security ratings data combines with risk modeling to drive actionable conversations on cyber risk
-
Build operational resiliency to power compliance and innovation
By: PagerDuty
Type: eGuide
Financial institutions have been adopting new technologies that enable their digital transformation—making them increasingly exposed to cyberattacks. To mitigate the risk of operational failures and revenue loss, organizations need a platform that scales teams and powers major incident workflows.
-
MITRE ATT&CK, a guide for businesses in 2022
By: TechTarget ComputerWeekly.com
Type: eBook
Mitre ATT&CK is a framework, but it can also serve as a foundation to address cybersecurity as a whole moving forward. Download this e-guide and learn more about the Mitre ATT&CK framework, and which trends are shaping the way this tool can be applied to cyber security around the globe.
-
Slice and dice with ensemble AI: segment and disaggregated revenue analytics
By:
Type: Replay
Add focus to business segments and revenue drivers. Many factors must be considered when evaluating financial data. With pressure on businesses to do more with less, financial professionals must consider advanced technologies to help mitigate risk across the volumes of financial data. Segment analysis augments the financial professional’s ability to understand and identify areas of the business that pose greater risk and complexity. Breaking down these segments supports an emphasis on high-value tasks due to an increased focus on anomalous or unusual events within the business segments. Further, the disaggregation of revenue into categories assists financial professionals in understanding the nature of the entity’s revenue and where it was derived. This can be related to types of goods or services, geographical region, sales channels, and more. The understanding of these categories is important to create transparency; however, the financial professional should also understand the impact of how anomalies in the transactional detail impact these particular areas. This webinar will focus on: - Building a deeper understanding of the business using segment analysis - The impact of anomalous or unusual activity in the business - How anomaly detection adds focus to segment analysis and disaggregated revenue At the completion of this session, attendees have a better understanding of how anomaly detection can help improve segment and disaggregated revenue analysis.
-
Are we trusting social networks too much?
By: TechTarget ComputerWeekly.com
Type: Essential Guide
This article in our Royal Holloway Security Series sheds an often uncomfortable light on the privacy risks people incur by using social media, and offers advice on how to minimise those risks
-
Strategies for Effective Risk Adjustment Programs
By: Inovalon, Inc.
Type: Infographic
Discover 4 strategies to boost your risk adjustment program's accuracy, including converging your engagement, forecasting financial impact, leveraging smarter analytics, and accelerating risk score updates. Read the full infographic to learn more.
-
Reinventing Cyber Risk Quantification
By:
Type: Talk
Being exposed to cyber risk is an inevitable part of doing business in today’s world. But when security leaders engage in conversations about cyber risk, they find themselves at a disadvantage. For many non-technical people, cyber risk is seen as complex and too often discussed in technical terms or through the lens of remediation plans for security incidents. While risk management professionals discuss business risk in terms of its impact on financial targets, cyber risk is all too often a misunderstood topic for the non-security crowd. Join us for this informative webinar featuring BitSight’s pioneering new product for financially quantifying cyber risk. In this session you will learn: 1 - How a turnkey solution for financially quantifying your exposure to cyber risk saves you time and money; 2 - How an on-demand offering allows you to incorporate financial quantification of cyber risk more often into your key business decisions; 3 - How proven models and technologies built for the cyber insurance industry can give you the financial analysis you need to bring about a more universal understanding of cyber risk to your organization.
-
Computer Weekly – 23 January 2024: Davos 2024 – AI disinformation tops global risks
By: TechTarget ComputerWeekly.com
Type: Ezine
In this week's Computer Weekly, AI-generated disinformation and misinformation will be the top risks for businesses, governments and the public over the next two years, according to the WEF. Intel's CTO discusses the chip maker's plans for the European market. And we examine the dearth of digital skills among elected officials. Read the issue now.
-
Safeguard your finance sector with cybersecurity awareness
By: Fortra
Type: eBook
Cyber threats pose significant risks to the finance sector, with data breaches, ransomware, and social engineering attacks causing financial and reputational damage. This e-book explains the risks, addresses objections, and provides tips to build a cyber security-focused culture. Read the full e-book to fortify your organization's defenses.
-
3 Actions Enterprise Risk Managers Need to Protect Companies from Unseen Threats
By:
Type: Talk
From cyberattacks and breaches to pandemics and wars, there’s a lot to keep you up at night. How do you make sure that your company stays alert in an increasingly dangerous world? You need an effective enterprise risk program that can help you identify and plan for high-probability threats. In this free webinar, our team of expert panelists will discuss three key actions every Enterprise Risk Manager should take to relieve the pressure of unseen threats: ● Unite your risk, technology, and business teams around one platform for an accurate picture of risk ● Build consistent methods to successfully assess your risk, including suppliers and vendors ● Rely on the right data to build trust in your organization’s resilience Presenters: Chris Murphey, VP NewRocket Advisory Services, and your host! Melissa Cohoe, Practice Strategist, NewRocket Risk & Resilience Alan Paris, ServiceNow Financial Services-Risk & Compliance Architecture Jeremy King, Director of Global Operational Risk, ICE – and a customer of ServiceNow & NewRocket.