• Ashley Hyde posted an update in the group Group logo of ORM for ITORM for IT 9 years, 3 months ago

    The answer to your question Edward, in my opinion and from my so far brief venture in to Op Risk from Info Sec, is a clear yes. Insurance is a valid risk treatment in certain circumstances, but I dont believe Cyber Risk is one of them, not entirely anyway. And, you need to know precisely the ‘nitty gritty’ of insurance cover, too many opportunities to not meet the pay-out requirement otherwise.
    Better to bolster prevention, detection and intel gathering aspects of risk mitigation. Depending on the industry sector, there are various opportunities to share intel and best practise, but its important to know that this is a persistent risk and constantly changing and evolving.

©2024 The Institute of Operational Risk. All Rights reserved Site designed and powered by Eko UK Limited

Log in with your credentials

Forgot your details?