Risk management of threats
Every organisation needs to be prepared for risks so it is vital to have an effective risk management process.
We need to first consider what risk management is. The Institute of Risk Management give the following definition:
- Risk is part of all our lives
- As a society, we need to take risks to grow and develop. From energy to infrastructure, supply chains to airport security, hospitals to housing, effectively managed risks help societies achieve. In our fast paced world, the risks we have to manage evolve quickly. We need to make sure we manage risks so that we minimise their threats and maximise their potential.
- Risk management involves understanding, analysing and addressing risk to make sure organisations achieve their objectives. So it must be proportionate to the complexity and type of organisation involved. Enterprise Risk Management (ERM) is an integrated and joined up approach to managing risk across an organisation and its extended networks.
- Because risk is inherent in everything we do, the type of roles undertaken by risk professionals are incredibly diverse. They include roles in insurance, business continuity, health and safety, corporate governance, engineering, planning and financial services.
It is important for any organisation to be aware of the risks relating to cyber attacks, but also what is a proportionate response. The impact and likelihood of the risk event occurring is to be considered in light of the costs to manage the risk.
The article by Peasley et al. (2017) on the Deloitte Insights website, highlights the six main cyber risk challenges organisations face, including:
- Executive-level engagement
- Talent and human capital
- Intellectual property
- Connected products
- Customer trust
Consider your own organisation and the nature of the information your role works with: what are the risks around your data being lost or used by others? How much would you spend to protect it?
Peasley, S., Mantha, K., Rao, V., Fedder, C. and Gasdia, M. (2017) ‘Cyber Risk in Consumer Business’. Deloitte Insights [online]. available from https://www2.deloitte.com/us/en/insights/industry/retail-distribution/cyber-risk-management-in-consumer-business.html [27 August 2019]
© Coventry University. CC BY-NC 4.0