The SolarWinds product set is used by thousands of customers, working in the supply chains of countless others. At its core, the SolarWinds breach stems from improper governance and access control execution. As SolarWinds and the thousands of impacted customers work through the resolution of this breach, we must prepare ourselves for the next situation of this kind.
Cyber risk management is an ongoing discipline that protects all of your organization’s assets, which are of strategic importance to every member of the leadership team. Since every executive has a stake in the cyber welfare of the organization, cyber risk management demands the cooperation of all stakeholders.
The quantification of cyber risk creates a common understanding for both technical and non-technical teams alike and enables everyone to approach cyber risk management using a common vernacular. Everyone in the company can easily understand financial loss potential and the importance of containing this metric. This subsequently prompts a dialog about which options are available to manage risk, along with the associated demands of time, resources, and technologies of each initiative and its estimated benefit in dollars. This process demystifies cybersecurity budget allocations and clarifies the roles of the greater organization in ensuring the success of such programs in reducing cyber risk.