Aide-Mémoire:Manage Cyber Risks

The purpose of this aide-mémoire is to give you the assurance you need that your company is concentrating on its most significant cyber risks and that cybersecurity investments focus on reducing these risks. This starts by prioritizing your company’s most critical business activities and understanding how cyberattacks could cause risks to these activities. This information provides the basis for selecting controls and developing a plan for their deployment.


Identify Cyber Risks

TABLE 11-1

Critical business activities and risks

Risk Inquiry 1 “What are the company’s most critical business activities, the benefits they provide, and the most significant business risks they face?”

This question ...

Get A Leader's Guide to Cybersecurity now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.