What is enterprise risk management? How to put cybersecurity threats into a business context

By Maria KorolovOctober 11, 2018

Enterprise risk management (ERM) is the process of assessing risks to identify both threats to a company’s financial well-being and opportunities in the market. The goal of an ERM program is to understand an organization’s tolerance for risk, categorize it, and quantify it.When companies look at enterprise risk, the traditional approach is to look at financial risks, regulatory risks and operational risks. What happens if the exchange rate drops and the interest rate rises, if new drugs don’t get FDA approval, or if your main warehouse burns down?

To make the calculation, you take the potential impact of an event and multiply it by the odds of that event happening. For low-impact events, even a high probability of occurrence won’t affect the company’s total risk exposure by much, while for high-impact events, even a low probability of occurrence is potentially devastating.

To read this article in full, please click here

Source: CSO

Krim Times is back on the Amazon best seller list for its category, its second time on the list since it was first released in January. The drinks are on me!

Judge, 2019 CSO50 awards

Maria is one of the judges of the annual CSO50 awards, which recognize 50 organizations for their security project or initiative that demonstrates outstanding business value and thought leadership.

Judge, Epica Awards

Maria is a member of the jury of the 2018 Epica awards, the only global creative prize judged by journalists.

2018 New England AZBEE award winner

In April 2018, Maria received the Silver Impact/Investigative award at the New England ASBPE Awards of Excellence for the article “What is a supply chain attack?”