Risk management

A successful risk management plan helps enterprises identify, plan for and mitigate potential risks. Learn about the components of risk management programs, including penetration tests, vulnerability and risk assessments, frameworks, security awareness training and more.

Top Stories

Feature 19 May 2023
The potential danger of the new Google .zip top-level domain

How much should the average end user be concerned about the new .zip and .mov TLDs? They aren't as bad as some make them out to be, but it's still worth doing something about them. Continue Reading
News 16 May 2023
Coalition: Employee actions are driving cyber insurance claims

After analyzing cyber insurance claims data, Coalition determined that phishing escalated in 2022, ransomware dropped and timely patching remained a consistent problem. Continue Reading

Tip 16 Apr 2010

Performing a security risk analysis to assess acceptable level of risk

No organization is ever completely without risk, but there are steps that can be taken to establish an acceptable level of risk that can be appropriately mitigated. In this tip, Michael Cobb explains how to perform a security risk analysis to help determine an acceptable level of risk. Continue Reading
Tip 09 Oct 2008

Risk assessments: Internal vs. external

Risk assessments are a necessary function at financial firms, but how do you know whether to conduct them internally or to use a third party? Expert Rick Lawhorn explores the pros and cons in this tip. Continue Reading
Tip 14 Apr 2008

GLBA risk assessment steps to success

GLBA requires financial firms to protect their data from anticipated risks. How can those risks be determined? Follow these steps to perform a risk assessment at your financial organization. Continue Reading
Tip 22 Aug 2007

Enterprise risk management frameworks: Controls for people, processes, technology

Once responsibilities and requirements are defined, the next stage in developing a successful risk management framework involves developing controls. As Khalid Kark explains, that includes developing a culture of security, using technology in the right places and implementing processes to execute on policies. Continue Reading
Answer 04 Mar 2004

How does 'arbitrary code' exploit a device?

Continue Reading

1
2
3
4
5

Networking

Google interconnects with rival cloud providers
Video platform provider Pexip said Google's Cross-Cloud Interconnect reduced the cost of connecting Google Cloud with Microsoft ...
How to interact with network APIs using cURL, Postman tools
Network engineers can use cURL and Postman tools to work with network APIs. Use cases include getting interface information and ...
Modular network design benefits and approaches
Modular network design is a strategic way for enterprises to group network building blocks in order to streamline network ...

CIO

Experts doubt U.S. retaliation following China's Micron ban
The Biden administration likely won't retaliate for China's Micron Technology ban but will continue to play the long game ...
AI transparency: What is it and why do we need it?
As the use of AI models has evolved and expanded, the concept of transparency has grown in importance. Learn about the benefits ...
How to write an RFP for a software purchase, with template
Software buying teams should understand how to create an effective RFP. Here's a look at what components to include, along with a...

Enterprise Desktop

Best practices for a PC end-of-life policy
Organizations that deploy PCs need a strong and clear policy to handle hardware maintenance, end of life decisions, sustainable ...
What does the new Microsoft Intune Suite include?
With all the recent name changes with Microsoft's endpoint management products and add-ons, IT teams need to know what Intune ...
Does macOS need third-party antivirus in the enterprise?
Macs are known for their security, but that doesn't mean they're safe from viruses and other threats. IT teams can look into ...

Cloud Computing

Cloud experts weigh in on the state of FinOps
Surprised by your cloud bill? Experts weigh in on the rising popularity of FinOps, the art of building a FinOps strategy and the ...
Dell Apex updates support enterprise 'cloud to ground' moves
Dell's latest Apex updates puts the company in a position to capitalize on the hybrid, multi-cloud and edge computing needs of ...
Prepare for the Azure Security Engineer Associate certification
Are you ready to boost your resume or further your cloud career path? Review this preparation guide to get ready for Exam AZ-500 ...

ComputerWeekly.com

Workers ‘deeply uncomfortable’ with digital surveillance at work
Employees express discomfort towards employers’ use of various digital surveillance and monitoring techniques, which are often ...
Bank of International Settlement sets up channel secure from quantum breach
The Bank of International Settlement has worked with two of Europe's central banks to explore preventing the security risks posed...
UK has time limit on ensuring cryptocurrency regulatory leadership, says Parliamentary report
Parliamentary report makes 53 recommendations to the government's plans to regulate cryptocurrency

Close