Understanding the Cyber Risk Landscape: An Integrated Framework

Mark Cooke

One of the challenges of managing cyber risk is to systematically understand the risk that cyber crime presents to the organisation across the breadth of its operations and commercial activities. For small organisations, the practices and processes can be relatively informal; the cyber champion can both foster awareness among their colleagues and work directly with them to understand and manage the risk. However, as an organisation increases in scale and complexity, these informal mechanisms are not sufficient to understand the risk. Instead, the organisation has to put in place a systematic approach to understanding the risk: a framework that sets out the processes and practices to manage cyber risk.

As cyber risk is but one of the many nonfinancial risks that organisations face, with risks such as regulatory compliance, technology failure, people risks and fraud also featuring as a concern for senior management, it is likely that it will need to be incorporated into existing nonfinancial risk frameworks. The organisation’s risk framework therefore needs to enable the organisation to systematically understand the cyber risk landscape, through setting
