Secrutiny Founder, Simon Crumplin Discusses Cyber Risk Prioritisation at ILTACON Europe 2019
27th November 2019
Earlier this month Simon Crumplin, Founder of Secrutiny was invited to be part of Europe’s premier legal tech event, ILTACON Europe 2019, to share his expertise on one of the key topics being tackled in the industry. His discussion centred around best-practice for prioritising the plethora of security obstacles coming at us from every angle, and how to best understand your business risk with the power of the information you already hold.
Setting the scene, Simon begun his session with real-world experiences of workshops conducted with CEOs, COOs and Managing Partners, to try and get the context to overcome challenges that organisations are hearing time and time again. The questions that derived from this discussion included:
- Are we ‘SAFE’ and what does that mean?
- Can we demonstrate safety?
- How do we quantify real Risk?
- Have we got the right controls?
- How do we know when we have done enough?
From these workshops it became apparent that businesses are continually lacking context on threat; and with pressure building on IT to fix everything, and projects stacking up, security teams are becoming overwhelmed.
Cyber security is not an IT problem but a risk to be managed – however, organisations cannot manage the problem if they don’t understand its context. This lack of context puts a strain on teams to make prioritised, strategic decisions on how to secure their IT environment and safeguard their crown jewels.
Simon Crumplin, commented: “We want to remove propaganda, threat-mania and the hype, because security has definitely got hype. I’m sure the majority of those reading this receive a 1000 phone calls every two months from people trying to sell you a ‘thing’ that is going to solve all of the ‘things’ that could potentially cause you a problem. The problem I find with every customer I meet is how do you prioritise that? And how do you put that into some sort of context that’s meaningful for the business so we can actually engage with it?
Learn how to prioritise cyber risk and more by listening to Simon’s enlightening discussion in its entirety.
Check Out Our Other Recent Posts >
Microsoft has disclosed a critical vulnerability that has been around for nearly two decades in the Windows DNS Server. The vulnerability, which allows for remote code execution, affects versions 2003 to 2019, and can be prompted by a malicious DNS response. If exploited an attacker could gain Domain Administrator rights, and compromise the entire corporate infrastructure. Full advisory here…
how can you spot whether a cyber threat is a business risk that needs attention? With forensic level focus… To help you achieve this, we’ve mapped out the seven key focus areas for quantifying and managing risk.
Organisations need to overcome the natural urge to respond to a threat and instead pragmatically assess the business risk. Read our whitepaper today.