SecurityBrief Australia - Cybersecurity risk-management vital, says expert


Cybersecurity risk-management vital, says expert

Businesses need to assess their cyber security risk management and ensure it’s being done right, according to security professionals Peerlyst.

The company says risk management and cybersecurity shouldn't clash - they should align.

Gary Hayslip, the CISO for the city of San Diego, says that is easier said than done.

“Cybersecurity risk-management is not only vitally important to individuals, businesses, and governments around the globe - it's very tough to get right.”

Peerlyst has published Hayslip's six-part plan in a piece entitled “Resource: Cybersecurity and Risk Management”, which aims to help organisations get cyber security risk management right.

Hayslip’s plan includes:

  • Categorise information systems and data
  • Select security controls
  • Implement security controls
  • Continually assess security controls
  • Authorise (verify risk baseline)
  • Continually monitor security controls

“In truth, an organisation's cybersecurity program and life cycle are part of a larger ecosystem,” Hayslip says.

“This security ecosystem includes the cybersecurity life cycle, the risk-management life cycle, and the dynamic interaction between their components and processes,” he explains.

“This unique ecosystem, when documented and properly maintained, provides an organisation with invaluable data on the maturity of its cybersecurity and risk-management programs,” says Hayslip.
