Risk Assessments

  • All
  • Articles
  • Covid-19
  • Risk Assessments

Know and Manage your Application Security Risk During COVID-19

With Amanda Hechter and Raymond du Plessis from Mobius Consulting as well and Lee Bristow from Phinity Risk Improve your Identity and Access Governance (IAG) & Assess your Application Security Risk With COVID-19 catching much of the world off-guard, there has been a scramble for organisations to make key applications, such as financial and HR…

Know and Manage your Supplier Security Risk During COVID-19

With Lee Bristow from Phinity Risk Solutions and Malcolm Parker, Senior Managing Consultant at Mobius Consulting.   MANAGE YOUR SUPPLIER AND SECURITY RISK The novel Coronavirus has created a number of challenges for society and most organisations are not well prepared to cope with this pandemic and the impact that it has on their trade. The…

Is risk ownership aligned to the board of directors?

Providing risk management with a dedicated home at board level allows for the clearer oversight and accountability of management and processes. In turn, this ensures sound governance practices and a focus on transforming risk management into a centre of excellence. The board of directors is where the risk “buck stops”. After all, this is the…

Application Attack Surface

When assessing application risk, many organisations focus on the obvious: the software that they already know. They then proceed to overlook the full inventory of applications and code when reviewing digital assets. These ‘known’ applications typically have a high brand value or financial value, carry compliance requirements, or have been linked to previous breaches. The…

What is DevSecOps?

What is DevSecOps? The term “DevSecOps” places information security into the original operating model of “DevOps”. DevOps itself refers to the collaborative operating team of software developers and IT operations staff. DevOps is common practice the world over. The trouble, though, is that it was built for agility, speed and reliability – not security. And…