risk management Archives - Cybersecurity Without Insanity

Prevention is better than cure

By Sam Glynn|2022-11-23T08:09:36+00:00November 22nd, 2022|Categories: cybersecurity|Tags: daily, mindset, Multi-Factor Authentication, risk management, staff awareness|

Risk = Likelihood x Impact. Which type should you focus on first?

Risk = Likelihood x Impact

By Sam Glynn|2022-11-21T09:31:16+00:00November 21st, 2022|Categories: cybersecurity|Tags: daily, mindset, risk management|

When thinking about how to reduce the RISK of a cyber-attack, it's useful to think about security measures that will reduce the LIKELIHOOD of an attack and those that will reduce the IMPACT.

Cyber 321: 4th November 2022

By Sam Glynn|2022-10-26T14:50:57+01:00November 4th, 2022|Categories: cybersecurity|Tags: cyber321, passwordless, passwords, ransomware, risk management, software updates|

Cyber 3-2-1: Don’t worry about zero-days. Don’t worry about passwords. Don’t worry about your code (if you’re a software company). This week’s action: Do you share the concerns of 48% of Board-level cyber experts?

Cyber 321: 7th October 2022

By Sam Glynn|2022-10-07T07:30:22+01:00October 7th, 2022|Categories: cybersecurity|Tags: backups, business continuity, cyber321, incident response, Multi-Factor Authentication, passwords, payment fraud, phishing, ransomware, risk management, software updates, staff awareness, supply chain risk, third party risk management|

Cyber 3-2-1: This month and last month, Ireland’s police, government and national cybersecurity agency have warned SMEs about the ever-increasing threat of cyber attacks. And yet executives and boards will continue to deliberately ignore this risk until their valuables have been stolen. This week’s action: You are choosing your own adventure. Make sure you are comfortable with your choice.

Cyber 321: 24th September 2021

By Sam Glynn|2022-02-10T11:42:41+00:00September 24th, 2021|Categories: cybersecurity|Tags: cyber321, hse, Multi-Factor Authentication, password managers, passwordless, passwords, risk management, SEC, stolen credentials, Windows 7|

Cyber 3-2-1: It’s not as simple as “Windows 7 = bad / Windows 10 = good”, or “Password = bad / Passwordless = good”. But it certainly is as simple as “2FA = Good”. This week’s action: Test your backups

Cyber 321: 30th APRIL 2021

By Sam Glynn|2021-04-30T07:51:06+01:00April 30th, 2021|Categories: cybersecurity|Tags: cyber321, law firms, mindset, pragmatic security controls, professional services firms, ransomware, rdp, remote access, risk management|

Cyber 3-2-1: Plain English cybersecurity advice in 3 articles, 2 statistics and 1 action, including why professional services firms are now ransomware’s #1 target, another survey confirming that remote working is here to stay, and why good is better than perfect when designing security controls. This week’s action: Remote Desktop Protocol (RDP): Search for it in your firm, and remove or protect it.

Turkeys don’t worry about Christmas

By Sam Glynn|2021-02-27T18:13:15+00:00September 24th, 2020|Categories: cybersecurity|Tags: cybersecurity, perception, risk management|

When people talk about 'risk', they usually think about 'likelihood'. But risk is not just about likelihood. It's also about impact. And when we think about impact, we start to pay attention.