Cyber Risk Management

Understand and manage risks to your information and systems.

Cyber risk management is a collective term for a number of approaches that can be taken to both understand, and take appropriate action on, risks to an organisation’s information, computer systems, and online activity.

Cyber risk management covers a number of different disciplines, is related to compliance and secure software development, and is informed by activities such as penetration testing and vulnerability assessment.

The exact application of cyber risk management techniques depends on the organisational culture, strategy, and overall risk appetite.

Architecture Review

The specific approach will depend on the scope of the assessment, and the objectives of the organisation, but will generally require close interaction with the client, and a detailed understanding of the business goals.

Learn More

Incident Response Preparedness

Preparation is the most important stage of the incident response process, and is also the most commonly overlooked. Establishing and testing incident response process before an incidents happens significantly increases the likelihood of an organisation being able to response in a timely and effective manner. Having these processes in place can also demonstrate that the organisation is taking a proactive approach towards security, and is required by a number of standards such PCI DSS and ISO 27001.

Learn More

Risk Assessment

The specific approach taken will depend on the organisation, and any specific requirements that they may have, however, a typical risk assessment will include the following:

• Asset Management Review – Identify and utilise existing asset management process if available, or perform initial asset inventory activities if not.
• Vulnerability Assessment – Review and understand the vulnerabilities relevant to the assets under consideration. This may be at a high level, depending on the scope of the engagement and the time available.

Learn More