Cyber risk: Threat and opportunity
This white paper examines the current exposure to cyber risk and how insurers are responding:
Interest in cyber insurance and risk continues to grow beyond expectations in 2016 in part due to high profile data breaches, but also due to awareness of the almost endless range of exposures businesses face.
This white paper examines the current exposure to cyber risk and how insurers are responding:
Interest in cyber insurance and risk continues to grow beyond expectations in 2016 in part due to high profile data breaches, but also due to awareness of the almost endless range of exposures businesses face.
Allianz Risk Barometer 2016
The fifth annual Allianz Risk Barometer survey was conducted among global businesses, as well as risk consultants, underwriters, senior managers and claims experts within both AGCS and local Allianz entities during October and November 2015. Its focus is on the corporate insurance sector for both large and small to mid-sized industrial companies.
The fifth annual Allianz Risk Barometer survey was conducted among global businesses, as well as risk consultants, underwriters, senior managers and claims experts within both AGCS and local Allianz entities during October and November 2015. Its focus is on the corporate insurance sector for both large and small to mid-sized industrial companies.
NIST Special Publication 800-53 r5
Security and Privacy Controls for Information Systems and Organizations
Security and Privacy Controls for Information Systems and Organizations
The Fundamentals of Continuous Monitoring – An Integral Part of Risk Management Strategies
Dr. Ron Ross YouTube video describing the fundamentals of continuous monitoring during the risk management framework process.
Dr. Ron Ross YouTube video describing the fundamentals of continuous monitoring during the risk management framework process.
NIST Special Publication 800-30 r1
The purpose of Special Publication 800-30 is to provide guidance for conducting risk assessments of federal information systems and organizations, amplifying the guidance in Special Publication 800-39. Risk assessments, carried out at all three tiers in the risk management hierarchy, are part of an overall risk management process—providing senior leaders/executives with the information needed to determine appropriate courses of action in response to identified risks.
The purpose of Special Publication 800-30 is to provide guidance for conducting risk assessments of federal information systems and organizations, amplifying the guidance in Special Publication 800-39. Risk assessments, carried out at all three tiers in the risk management hierarchy, are part of an overall risk management process—providing senior leaders/executives with the information needed to determine appropriate courses of action in response to identified risks.
NIST Special Publication 800-37 r2
The purpose of SP 800-37 Rev 1 is to provide guidelines for applying the Risk Management Framework to federal information systems to include conducting the activities of security categorization, security control selection and implementation, security control assessment, information system authorization, and security control monitoring.
The purpose of SP 800-37 Rev 1 is to provide guidelines for applying the Risk Management Framework to federal information systems to include conducting the activities of security categorization, security control selection and implementation, security control assessment, information system authorization, and security control monitoring.