Peer-Driven Insights

Risk Management

Active Ambassadors in This Topic

JM Financial Services Ltd

Travel and Hospitality, 1k - 5k

Community Posts

Public Cloud72%

Private Cloud27%

Strongly disagree2%

Strongly agree

View Results

Strongly agree7%

Strongly disagree3%

Unsure (please comment)

View Results

Risk Management

Active Ambassadors in This Topic

Community Posts

Community Posts

Active Ambassadors in This Topic

Rathik Pathak

Community Posts

Are you using tools for cyber risk quantification? What are they?

What cybersecurity awareness techniques have you found most effective?

How are you maintaining data and system security as IT decision making becomes increasingly decentralized?

What tools do you use for insider threat detection?

How will ransomware evolve in the short term?

What’s your “hot take” when it comes to security questionnaires?

What models are in place for risk partners based in Line 2? What are the jobs to be done? How do they operate? What does the structure/operating rythms look like?

As organizations deploy LLMs and other AI systems, how do you recommend security teams address risks such as data leakage, prompt injection and adversarial manipulation? What frameworks or practices should be prioritized to make AI security programs resilient from day one?

A common challenge in our risk-tiering framework for suppliers is that even the lowest risk tier still requires processing.Has anyone implemented a "not relevant" risk tier in their model?This tier would apply to vendors posing genuinely negligible security risk.

I'm building most on... share "why" in comments...

Agree or disagree: Business unit leaders typically oppose the SOC’s recommendations.

Is red teaming a better way to demonstrate security needs to the board than traditional compliance audits?

Vulnerability patching is now a full-time job.

Apart from applying the patches just released, what other mitigation tactics are you using to address the zero-day SharePoint vulnerabilities impacting on-premises servers?

Does anyone have recommendations for risk management background services for a large technology consulting company? The employee count is over 20K.

Community Posts

Are you using tools for cyber risk quantification? What are they?

What cybersecurity awareness techniques have you found most effective?

How are you maintaining data and system security as IT decision making becomes increasingly decentralized?

What tools do you use for insider threat detection?

How will ransomware evolve in the short term?

What’s your “hot take” when it comes to security questionnaires?

What models are in place for risk partners based in Line 2? What are the jobs to be done? How do they operate? What does the structure/operating rythms look like?

As organizations deploy LLMs and other AI systems, how do you recommend security teams address risks such as data leakage, prompt injection and adversarial manipulation? What frameworks or practices should be prioritized to make AI security programs resilient from day one?

A common challenge in our risk-tiering framework for suppliers is that even the lowest risk tier still requires processing.Has anyone implemented a "not relevant" risk tier in their model?This tier would apply to vendors posing genuinely negligible security risk.

I'm building most on... share "why" in comments...

Agree or disagree: Business unit leaders typically oppose the SOC’s recommendations.

Is red teaming a better way to demonstrate security needs to the board than traditional compliance audits?

Vulnerability patching is now a full-time job.

Apart from applying the patches just released, what other mitigation tactics are you using to address the zero-day SharePoint vulnerabilities impacting on-premises servers?

Does anyone have recommendations for risk management background services for a large technology consulting company? The employee count is over 20K.

A common challenge in our risk-tiering framework for suppliers is that even the lowest risk tier still requires processing.
Has anyone implemented a "not relevant" risk tier in their model?
This tier would apply to vendors posing genuinely negligible security risk.

A common challenge in our risk-tiering framework for suppliers is that even the lowest risk tier still requires processing.
Has anyone implemented a "not relevant" risk tier in their model?
This tier would apply to vendors posing genuinely negligible security risk.