Cyber Security News and Insights

Explore learnings from our team

If you manage risk, one vital part of your job is reporting your project’s status and results to other groups: the board, management, and external auditors. And when building reports, risk managers must pay careful attention to the relationships of the intended audiences.
We typically don't divulge much of our work, partly because we're security professionals, but also because we've been focused on building an exceptional business. Nevertheless, we are incredibly proud of our team, clients, and delivery. We want to express our gratitude to all those who have been a part of our journey.
Recently we discussed the security of RiskTree with a client, who ran through the NCSC Cloud Security Principles. Since RiskTree is delivered as software-as-a-service, this made sense. One point that arose was the lack of Multi-Factor Authentication (MFA) in use: CSP Principle 10 states that 2FA is ‘considered good practice’, using either a hardware or software token or out-of-band challenge.
In this article, we explore 8 reasons to stop using spreadsheets to manage risk, and the additional threats this approach to risk management subjects businesses to. We also suggest a better, cost-effective alternative to spreadsheets.
There’s a lot that you can do, and I’m sure there’s a lot that you aspire to do. But get an understanding of where you stand today, where you need immediate improvement, and where you hope to immediately see value. This will get you on the front foot. More tips...
News Categories: