CHAPTER 4: CYBER RISKS AND CONTROLS

Introduction and overview

The process described in the previous chapter can be applied to any risk management activity, including cyber risk. Where cyber differs is in the specific nature of the risks faced by organisations and the controls used to mitigate them. Cyber risks can be categorised, like other IT security risks, using the CIA triad (confidentiality, integrity, availability).

Confidentiality – relates to organisations’ duty of care and legal responsibility (under the GDPR or other relevant data privacy legislation): they must act as the guardian of the personal and sensitive data they hold on behalf of customers, employees, suppliers, etc. Organisations should also have a means to classify data based on its importance to the business, e.g. information ...
