Cydea“There’s a new cyber vulnerability in the Operating System we use on the handheld devices used by our engineers out in the field; how do I communicate the resultant change in risk profile to the organisation?”
Niall explores risk analysis beyond the risk register in his blog.
https://cydea.com/blog/risks-without-impacts-attack-path-analysis/
#PositiveSecurity #AttackPathAnalysis #RiskRegister #RiskAnalysis
Risks without impacts: attack path analysis — Cydea
A little while ago, I was presented with a familiar problem statement from a Cydea client who was a cyber security manager at a large organisation: “There’s a new cyber vulnerability in the Operating System we use on the handheld devices used by our engineers out in the field; how do I communicate the resultant change in risk profile to the organisation?