‘Cyber risk’ means any risk of financial loss, disruption or damage to the reputation of an organisation from some sort of failure of its information technology systems.
All types and sizes of organisations are at risk, not only the financial services firms, telecoms or defence organisations and high profile names which make the headlines.
An organisation's risk management function need a thorough understanding of the constantly evolving cyber risks as well as the practical tools and techniques available to address them.
Through utilisation of international best practice and supporting industry standards (such as ISO 27005 and NIST 800-30) We can provide your organisation with advice and support in the area of cyber risk management.
Our risk management service offering will typically comprise of the following stages:
Scope/context - Establishment of scope, context and risk boundaries for the organisation;
Asset Review - review of information asset register;
Vulnerability Assessment - review of current vulnerabilities for information assets;
Risk Identification - identification of risks to the business, the possibility of occurrence and their potential impact;
Risk Treatment - establishment of priorities for risk treatment activities (mitigate, accept, transfer, avoid);
Risk Review - establishment of risk monitoring and review processes.
In addition, education will be provided to key organisational stakeholders and employees as to the risks to their organisation and how they are being managed.
Please contact us for more information regarding your risk management requirements.