TechBizWebTechBizWeb

    Subscribe to Updates

    Get the latest news about Technology and Business from all around the web..

    What's Hot

    Deutsche Bank Sees Bitcoin Touch $28,000 By 2022 End, But Warns of Risks Ahead

    July 1, 2022

    The halftime show

    July 1, 2022

    Grayscale Goes to Court After SEC Rejects its Proposed ETF Bid

    July 1, 2022
    Facebook Twitter Instagram
    • About Us
    • Privacy Policy
    • Guest Post
    • Terms
    • Contact
    Facebook Twitter Instagram
    TechBizWebTechBizWeb
    Subscribe
    • Home
    • Technology

      Elon Musk’s “Teslas in Tunnels” Las Vegas project is still happening, and here’s the first station

      July 1, 2022

      Meta warns employees of “serious times” in internal memo listing key product bets

      July 1, 2022

      The Supreme Court just took away an EPA tool to fight climate change — what happens next?

      July 1, 2022

      New York denies air permit to Bitcoin mining power plant

      July 1, 2022

      GM’s reportedly only making about 12 Hummer EVs a day

      July 1, 2022
    • Business
    • Cyber Security

      Auston Davis named CISO at Versant Health

      June 30, 2022

      Lessons learned from slew of recent data breaches

      June 30, 2022

      Cybersecurity from the inside out — Guarding against insider threats

      June 30, 2022

      We need the Foreign Intelligence Surveillance Act more than ever

      June 30, 2022

      IC3 issues warning on deepfake use in remote work applications

      June 29, 2022
    • Blockchain
    • Vulnerabilities
    • Social Engineering
    • Malware
    • Cyber Security Alerts
    TechBizWebTechBizWeb
    Home»Cyber Security»Don’t Overlook the Business Risk in BRI
    Cyber Security

    Don’t Overlook the Business Risk in BRI

    January 14, 2019Updated:January 14, 2019No Comments6 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp
    Share
    Facebook Twitter LinkedIn Pinterest Email

    Have you been attacked? Digitpol the global investigation firm can help you, visit Digitpol’s website to learn more.


    A business risk intelligence (BRI) program requires many components about which I’ve written previously: the right intelligence requirements, collection strategy, KPIs, vendors, collaboration, and stakeholder support. But there’s another component that, though it may seem obvious, is among the most foundational yet also the most frequently overlooked: a comprehensive understanding of business risk.

    As security practitioners, we often think about business risk in terms of threats, vulnerabilities, and the extent that they could impact the assets we’ve been entrusted to protect. But it’s important to remember that business risk encompasses more than just security. And in order to execute a BRI program effectively, we need to be able to understand, measure, and mitigate business risk not only through a security-focused lens but also through a business-focused one. Here’s how:

    Know the five categories of business risk

    Business risk is broadly defined as the possibility that a business will incur a loss due to uncertainty. Although there are seemingly countless uncertainties inherent to running a business, most tend to fall under one or more of the following categories:

    ● Financial risk reflects the likelihood and extent that a business could experience financial loss due its capital structure and/or financing. Changes in interest rates, foreign exchange rates, or a business’s debt-to-equity ratio are common factors that can influence financial risk. Although all categories of business risk can have financial implications, financial risk refers solely to implications of how a business handles money.

    ● Compliance risk refers to the penalties a business could face if it fails to comply with requisite regulations. These penalties can vary immensely and range from minor fines to serious legal action. But regardless of a business’s regulatory environment—which tends to depend primarily on its location, size, and industry—many compliance risks can arise due to largely unforeseen circumstances such as data breaches, technical failures, or sudden legislative changes, for example.

    ● Strategic risk entails the potential loss a business could incur in the event that any aspect of its strategy becomes less effective for any reason. Increased competition, demand fluctuations, and technological limitations are among the many circumstances that can hinder the efficacy of a business’s strategy and thus affect its bottom line.

    ● Reputational risk encompasses the consequences a business could suffer due to reputational damage. Product recalls, lawsuits, security incidents, and other types of bad publicity are common examples that can erode trust in a business and therefore result in revenue losses.

    ● Operational risk is the risk of loss due to unexpected errors or damages caused by people, processes, external events, or anything else that interrupts a business’s core operations. Operational risks are numerous and can range from natural disasters and physical infrastructure damage to fraud, cyberattacks, and supply chain vulnerabilities, among others.

    Reduce uncertainty through anticipation and preparation

    Once you’re familiar with the categories of business risk, it’s important to incorporate them into your BRI program and operations. Keep in mind that business risk is fueled by uncertainty—so in order to reduce business risk, we need to apply BRI in a manner that reduces uncertainty. Although BRI can’t diminish each and every uncertainty inherent to business, what it can do is help us to better anticipate and prepare for uncertain situations that contribute to business risk. 

    For example, let’s say an online retailer has faced a series of DDoS attacks resulting in substantial downtime for its website. In response, the retailer wants to apply BRI to help it anticipate, prepare for, and ultimately reduce its risk of disruption from future attacks. But in order to achieve this objective, a BRI operation would first need to consider how previous DDoS attacks have impacted the retailer’s business risk across each category, as follows:

    ● Financial risk: The DDoS attacks had no effect on the business’s capital structure and thus did not impact its financial risk.

    ● Compliance risk: The retailer’s compliance requirements include GDPR and PCI DSS, neither of which were violated due to the DDoS attacks.

    ● Strategic risk: The DDoS attacks did influence strategic risk because the retailer’s strategy is largely dictated by its e-commerce business model. Customers were unable to browse, shop, or make purchases on the retailer’s website during the DDoS attacks, thereby resulting in lost revenue. 

    ● Reputational risk: The DDoS attacks inconvenienced and upset customers who sought to access the retailer’s website during outages. Many such customers expressed their frustration on social media, attracting significant negative attention to the company, eroding consumer trust, and ultimately exacerbating revenue losses.

    ● Operational risk: The retailer was unprepared for the attacks and did not have adequate DDoS protection measures in place to protect its website from outages and resulting consequences. As such, the attacks did contribute to the retailer’s operational risk.

    Evaluating each category of business risk in this context can enable us to better inform the direction and priorities of a BRI operation. Indeed, since the previous DDoS attacks against the retailer had no impact on its financial or compliance risk, its BRI operation should focus primarily on addressing the strategic, reputational, and operational risks that could potentially be posed by future DDoS attacks.

    This type of exercise can also help us identify any additional resources, stakeholders, or business functions that we may need to involve during or after a BRI operation. For instance, let’s say that in the DDoS example above, the retailer’s BRI operation found evidence suggesting that another highly disruptive attack could be imminent in the coming weeks. 

    The BRI team would then need to alert the network security team so it could evaluate whether existing DDoS protections would be able to fend off another attack in the near future. The communications and public relations teams should also be notified so that, in the event that the attack results in another outage, they are prepared to address customer concerns, handle press inquiries, and minimize reputational damage. The strategy team, meanwhile, should be looped in as well because it may need to devise strategic adjustments to help recoup any revenue that could be lost due to the attacks.

    Indeed, this example reinforces a hallmark of BRI: Because individual threats can affect not just security teams but all business functions across an enterprise, a BRI program needs to understand and account for the different categories of risk faced by all business functions across an enterprise. While even the most sophisticated BRI programs can’t eradicate business risk, they can reduce the uncertainty that fuels it through better anticipation and preparation.

    view counter

    Josh Lefkowitz is the CEO of Flashpoint, the global leader in Business Risk Intelligence (BRI) from the Deep & Dark Web. He has worked extensively with authorities to track and analyze terrorist groups. Lefkowitz also served as a consultant to the FBI’s senior management team and worked for a top tier, global investment bank. Lefkowitz holds an MBA from Harvard University and a BA from Williams College.

    Previous Columns by Josh Lefkowitz:
    Tags:



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    Auston Davis named CISO at Versant Health

    June 30, 2022 Cyber Security

    Lessons learned from slew of recent data breaches

    June 30, 2022 Cyber Security

    Cybersecurity from the inside out — Guarding against insider threats

    June 30, 2022 Cyber Security

    We need the Foreign Intelligence Surveillance Act more than ever

    June 30, 2022 Cyber Security

    IC3 issues warning on deepfake use in remote work applications

    June 29, 2022 Cyber Security

    Kurt John named Chief Security Officer at Expedia

    June 29, 2022 Cyber Security
    Editors Picks

    The halftime show

    July 1, 2022

    Grayscale Goes to Court After SEC Rejects its Proposed ETF Bid

    July 1, 2022

    Xi Jinping insists Hong Kong must be governed by patriots on 25th anniversary of handover

    July 1, 2022

    Elon Musk’s “Teslas in Tunnels” Las Vegas project is still happening, and here’s the first station

    July 1, 2022
    Trending Now

    The Supreme Court just took away an EPA tool to fight climate change — what happens next?

    By techbizweb

    MAS Faults Three Arrows Capital for Sharing False Information

    By techbizweb

    France ready to bypass Hungary for global corporate tax deal

    By techbizweb

    https://www.nationalsportsacademy.com

    slot gacor hari ini

    http://www.inadesfo.org/

    http://www.eueomgbissau.org/

    http://www.congo-mai-mai.net/

    http://www.angelesdelafrontera.org/

    http://fifaworldcup2018schedule.com/

    http://tony4gtrmcr.co.uk/

    http://www.standrewsagreement.org/

    http://www.bob-russell.co.uk/

    http://davidmulholland.co.uk/

    http://railwayhotelenniskillen.com/

    http://www.fantasysportstrades.com/

    http://www.rainleaf-flooring.com

    http://mothersagainstguns.org/

    http://ma-coc.org/

    slot online

    http://www.paradoxmag.com/situs-judi-slot-online-gampang-menang-2021/

    http://www.paradoxmag.com/situs-judi-slot-online-terbaru-2021/

    http://slot-terbaru.net/

    Slot Gacor

    Slot Online

    Situs Slot Gacor

    http://www.appdexterity.com/

    https://cars4kids-deutschland.de/

    https://www.stretchingculture.com/

    https://www.b-123-hp.com/slot-gacor/

    https://denzstaffing.nl/

    https://ezbbqcooking.com/slot-gacor/

    https://www.mbahelp24.com/slot-gacor

    https://minhtanstore.com/slot-jackpot-terbesar/

    https://njbpusupplierdiversity.com/slot-gacor-gampang-menang/

    https://www.floridaspecialtycropfoundation.org/slot-gampang-menang/

    https://childrenscornerpreschool.org/slot-gacor-gampang-menang/

    https://cryptoquoter.com/slot-online-terbaik/

    https://alorkantho24.com/slot-gacor/

    https://ellas.xyz/slot-gacor/

    https://it.dougamatome.xyz/slot-online/

    https://www.daltercume.com/slot-gacor/

    https://josi-ana.dougamatome.xyz/slot88/

    https://josi-ana.dougamatome.xyz/slot-gacor/

    https://fastobserver.com/slot-jackpot-terbesar/

    https://www.planetexperts.com/slot-gacor/

    https://bfsolution.group/slot-bet-kecil/

    https://rustleva.co/slot/

    https://bfsolution.group/slot-bet-kecil/

    https://www.hotelcalimareal.com/togel-online/

    https://anime-game.dougamatome.xyz/slot-gacor-gampang-menang/

    https://anime-game.dougamatome.xyz/togel-online/

    https://bourbonbarrelfoods.com/slot/

    http://suneo39.wp.xdomain.jp/slot/

    https://techbizweb.com/slot-gacor/

    https://www.generalcatalyst.com/18-daftar-slot-gacor-terbaik-gampang-menang-jackpot-hari-ini/

    https://www.hotelcalimareal.com/slot-online/

    https://www.blockgates.io/slot-gacor/

    https://l12.com.br/slot-gacor/

    slot paling gacor

    https://www.donalds-hobby.com/slot-online/

    https://thecryptodirt.com/slot-gacor-hari-ini/

    http://iseta.edu.ar/aulavirtual/app/upload/users/1/1205/my_files/sbobet.html

    http://escuelavirtual.mincit.gov.co/app/upload/users/1/194/my_files/slot.html

    https://www.dev.medecinesfax.org/courses/JUDICASINO/document/slot.html

    http://www.e-archivos.org/cursos/courses/JUDICASINO/document/slot-gacor.html

    http://iesma.com.br/ead/main/upload/users/4/447/my_files/slot.html

    https://www.fundacoop.org/chamilo/app/upload/users/1/1185/my_files/slot.html

    https://fata-aatf.org/eskola/main/upload/users/3/31/my_files/slot.html

    https://uancv.edu.pe/ofinvestigacion/app/upload/users/3/328/my_files/slot-terlengkap.html

    https://micost.edu.my/EL/app/upload/users/2/209/my_files/slot-gacor.html

    https://www.academiacoderdojo.ro/elearningdev/app/upload/users/2/2442/my_files/slot-online.html

    http://campus-cidci.ulg.ac.be/courses/JUDICASINO/document/slot-termurah.html

    https://www.escueladerobotica.misiones.gob.ar/aula-ste/courses/LIVECASINO/document/slot-tergacor.html

    http://ccdipeepccqqfar.usac.edu.gt/chamilo/app/upload/users/3/358/my_files/slot-online.html

    https://cunori.edu.gt/campus/app/upload/users/7/7334/my_files/slot-online.html

    http://u-rus.com.ar/aula/app/upload/users/1/1322/my_files/slot.html

    http://icrodarisoveria.edu.it/chamilo/app/upload/users/1/1855/my_files/slot.html

    https://iestpliliagutierrez.edu.pe/clarolgm/courses/CASINO/document/slot.html

    http://pva.cobach.edu.mx/app/upload/users/7/7379/my_files/slot.html

    http://www.imb-pc-online.edu.gt/PL/app/upload/users/3/373/my_files/slot.html

    http://avcs.upeu.edu.pe/main/upload/users/3333/my_files/slot.html

    https://chamilo.fca.uas.edu.mx/app/upload/users/1/11186/my_files/slot-online/

    TechBizWeb
    Facebook Twitter Instagram Pinterest Vimeo YouTube
    • Home
    • Guest Post
    • About Us
    • Privacy Policy
    • Our Authors
    • Terms and Conditions
    • Contact
    © 2022 Tech Biz Web. Developed by Sawah Dev.

    Type above and press Enter to search. Press Esc to cancel.