Risk Management is the process of identifying, analyzing, assessing, and communicating risk and accepting, avoiding, transferring or controlling it to an acceptable level considering associated costs and benefits of any actions taken. This includes: 1) conducting a risk assessment; 2) implementing strategies to mitigate risks; 3) continuous monitoring of risk over time; and 4) documenting the overall risk management program.
Related Terms: Enterprise Risk Management, Integrated Risk Management, Risk
Source: DHS Risk Lexicon and Adapted from: CNSSI 4009, NIST SP 800-53 Rev 4
CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like:
Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.
Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.
For years, organizations have relied on fake email phishing simulations to measure employee resilience to...
Read moreWelcome to our two-part blog series on Microsoft’s new email security enhancement now included in Office 365 P1...
Read more"Being an MSP today is like wearing a neon sign that says, ‘Hack me! I’m the gateway to 100...
Read moreGet sharper eyes on human risks, with the positive approach that beats traditional phish testing.