Defining the role of inherent risk in cybersecurity
Inherent risk is a concept that while fundamental to cybersecurity, has largely been disregarded by popular cybersecurity risk guidelines and standards and remains arcane to the vast majority of cybersecurity practitioners. Inherent risk is all about the BIG picture, it’s nearly impossible to examine the relationship between cybersecurity strategy and business priorities without taking inherent risk into perspective.
Inherent risk is all about the BIG picture, it’s nearly impossible to examine the relationship between cybersecurity strategy and business priorities without taking inherent risk into perspective.
Gretchen Ruck, Lockhaven Solutions.
Inherent risk in an invaluable tool for security teams for facilitating meaningful dialog with business leaders and other non-technical stakeholders to build consensus on the top risks in which a failure to safeguard IT systems or protect sensitive information would be the most devastating to a business. You can define it as, “The risk to an entity in the absence of any direct or focused actions by management to alter its…
