Tag: risk management

nhs-test-trace-app-image

UK Test and Trace – How to avoid failing at risk management

The UK Test and Trace system has, again, come under fire for IT Glitches. The latest “glitch” is the manifestation of an obvious data quality risk. The test and trace system is overriding address information provided by student end users with data held in a central source. This issue has occurred because some bright spark…
Read more

Baby Crying

Risk Management – It’s a bit like a hungry baby!

First things first – I am no parenting expert! Up until very recently, I thought that when a baby cries, they need one of four things…cuddles, feeding, nappy change or medical attention. Now it is still true that when a baby cries they most likely need one [or more] of those things. It is also…
Read more

calculating risk

Calculating Risk – Where’s your Confidence?!

When helping organisations navigate risk management Fox Red Risk is often faced with the task of determining methods for calculating risk. We prefer to use tried and tested methodologies but what we often find is that organisations, very rarely, are calculating risk properly. A key thing missing from the majority of implementation we see is…
Read more

Security Audit - Low Hanging Fruit

Security Audit – Are you a ‘Quiddler’?

Are you a Quiddler? No, this is not some fanboi reference to Harry Potter (I’ll be honest I haven’t read one of the series, I’m a proper muggle!). Quiddling, however, is a very real problem in the world of Security Audit. If you want to know more, keep on reading. You could be one of…
Read more

business continuity

Business Continuity & 22301:2019 – Do I need to get new BC Software?

Here are some changes in the 2019 version of 22301 that could mean your current Business Continuity software solution may no longer be fit-for-purpose.

Climate Change

Climate Change Solved: GDPR mitigates climate change risk!

Whether you believe climate change is a real thing or not there is no arguing 16-year-old Greta Thunberg is making headlines. Her efforts to raise awareness about this key issue of our time are pretty impressive. Whilst some people don’t think climate change is real, as a person who believes in evidence-based decision-making, I am going to pin my colours…
Read more

security ROI

Security ROI: The only Board-level cybersecurity metric you’ll ever need.

if the CISO isn’t providing their Board with a security ROI figure, then it’s quite probable the organisation is spending too much on the wrong things.

CISO role: All C and no IA, the 33% CISOs failing their organisations!

In the last (maybe…) of my three-part CISO rant series (See Part One and Part Two if you want to catch up) I am going to wrap up with a rant about the 33% CISOs not giving their organisations of a full CISO role. These are the CISOs who think their role is solely about…
Read more

Risk Management: Stop – you’re too controlling!!!

What appears to be a well-intended improvement to reduce risk being completely unused because it was poorly envisaged, poorly implemented, with the original control measure still to be decommissioned and so that control is still being used whilst the new control is to all intents and purposes gathering dust.