A 'target risk environment'?: Growing Enterprise Security Risk Management Challenges, Threats & Vulnerabilities
A 'target risk environment': Growing Enterprise Security Risk Management Challenges, Threats and Vulnerabilties. Tony Ridley, MSc CSyP MSyI M.ISRM

A 'target risk environment': Growing Enterprise Security Risk Management Challenges, Threats & Vulnerabilities

Forced, rapid and new changes within organisations, industries and economies has created a new 'target rich environment' for both traditional threats and new predators such as criminals, cyber hackers, terrorists and syndicated/organised bad actors.

That is, what was once considered 'safe', 'secure' and even 'protected' has fundamentally changed during an as a result of the pandemic and the impact it has had on organisations, supply chains, industry and individuals.

In practical terms, think about how many more people have, and continue to, work remotely or from home.

As a result, this act alone has expanded the 'surface area' of organisations exponentially.

In other words, instead of one or two nodes or physical locations in which threat actors can access, you now have many more nodes or access points, both physical and digital, in which to exploit, gain access or apply brute and subtle attempts to 'sneak in'.

This makes many more targets. Lots of targets, makes for a 'target rich environment' for malevolent actors, insider threats, exploitable vulnerabilities and expanded enterprise security risk management threats and challenges.

A 'target risk environment'?: Growing Enterprise Security Risk Management Challenges, Threats & Vulnerabilities

All 'targets' and assets, and their value, are not created equally.

More importantly, the value you apportion to a target or asset may not be the same or comparable value a threat or bad actor assigns, resulting in disparate targets and highly variable 'value'. Including cost or replacement, disruption or decreased utility.

Traditional 'fortress' security risk management practices have been collectively undermined by the pandemic, forced and progressive remote working and the many or varied technologies introduced to continue business, productivity and value creation.

Many organisations, practitioners and industries have not 'caught up'.... many more will never catch up, introducing new and varied vulnerability to the network, community and industries.

A 'target risk environment'?: Growing Enterprise Security Risk Management Challenges, Threats & Vulnerabilities
What does your target board look like?

In sum, organisations, industries and community environments have changed considerably in recent times, altering not only their exposure to extant and nascent threats but also the scale of attractive 'targets' or exploitable physical and digital nodes for bad access to gain access.

As a result, the threat environment has grown exponentially, creating a 'target rich environment' for bad actors, errors and accidents.

Overall, enterprise, system and networked enterprise security risk management threats, challenges and vulnerabilities have grown exponentially...without a commensurate growth in security professionals, practices or investment.

Tony Ridley, MSc CSyP MSyI M.ISRM

Security, Risk & Management Sciences

要查看或添加评论,请登录

社区洞察

其他会员也浏览了