Conversations in Risk-Based Security

Lynx is passionate about helping clients understand and reduce risks they may face, including potential hazards associated with competency gaps. Lynx trusts that a standardized approach improves their clients’ hiring, training, and succession processes as well as enables employees to better understand what capabilities are needed for desired positions and upskill accordingly. Lynx therefore utilizes the NICE Framework, as it is both far reaching and lends itself to competency assessments and careerpathing activities.

Friction has existed between IT departments and Security Operations for years. If turf wars and business silos are not the cause, the lack of collaboration and communication will often lead to disharmony between the two. The left hand should know what the right hand is doing and vice versa, but that can only happen if the problems between them are acknowledged and addressed. Check out our recent conversation where Lynx CEO Gina Mahin and Steven Bay, Director of Security Operations and Threat Intelligence at Security On-Demand, discuss how Integrated Risk Management can bring a ceasefire to this friction and turn these teams into partners working toward the common goal of protecting the business.

A close look at the reasons companies fail reveals that there are substantial risks that don't typically fall under the purview of most GRC programs. The Forrester Report, Extend Compliance And Risk Management To What Really Matters For Your Business, explores how companies can improve business performance by expanding the fundamentals of their GRC program to the aspects of their company that drive success with customer interactions, which will in turn drive growth and revenue for the company.

Many companies in the healthcare market struggle with compliance projects and finding the time and knowledgeable resources, as-well-as the budget, to adhere to government regulations in a timely manner.

Taxes are certainly not fun, but there is something worse: an audit. Combine the two in a risk and compliance scenario and you have the onerous “audit tax,” a figurative term used to describe the expenses a company incurs when deploying resources and manpower to satisfy the burgeoning set of internal and external compliance and audit mandates. The good news is that there are ways to reduce the audit tax burden.

Managing IT risk is part of running any business these days. Regardless of what business you’re in, understanding IT risk can help you increase network security, reduce management costs and achieve greater compliance. Corporate leaders who fail to identify, assess and mitigate IT risk are setting themselves up for serious security breaches and financial losses down the road.

Join us for the webinar "Managed Security - How to Boost Your Security Posture Through Outsourcing Security to Experts” featuring research from the 2017 Cybersecurity Trends Spotlight Report published by the Information Security Community on LinkedIn in partnership with Crowd Research.

Organizations increasingly rely on vendors and third-party relationships for strategic business advantage.  Ensuring that these partnerships don’t create an unacceptable risk requires a complete vendor risk management approach.  Join Michael Rasmussen, The GRC Pundit at GRC 20/20, as he presents this 3 part educational webinar series on managing vendor risk and compliance.

Lynx Technology Partners and Lieberman Software recently announced an integration module for Lynx Risk Manager (LRM) which imports privileged account information from Lieberman Software’s Enterprise Random Password Manager (ERPM) and immediately updates security control scores in LRM.  These scores form the basis for continuous measurement of password-related security risks, as well as compliance to a wide range of regulatory frameworks.

Bobby Dominguez will discuss the operationalization of the NIST Cyber Security Framework to create an information technology risk program at ISACA’s CSX 2016 North America conference in Las Vegas, Nevada, USA, 17-19 October 2016. CSX 2016 North America will be focused on practical cybersecurity solutions and guidance, tailored to every level of a security professional’s career.