Risks analysis

Accueil » Cyber Strategy » Risks analysis

Business leaders who believe their cyber risks are increasing
Source : Accenture


Average cost of a data breach in 2021

Source : IBM


Increase in identity theft in 2021
Source : III

Know your real risks

One of the strategic objectives of every organization is to ensure that security risks to which the organization is exposed are well controlled. This control consists in :

  • Having an updated mapping of the risks incurred.
  • Classifying its information assets.
  • Knowing its vulnerabilities, the related threats, the impact (legal, financial, operational, and on the brand image) in case of occurrence of the risks.
  • Evaluating the security measures in place.
  • Identifying the risk vectors and the associated attack scenarios.
  • Drawing up strategic, tactical and operational plans to deal with the identified risks.

GDPR fines totaled $1.2 billion in 2021.
Source: CNBC

Avoiding a generic risk analysis

In practice, risk analysis exercises are often incomplete, too generic or unrelated to the classification of the company’s information assets. The criteria used to determine risks and the frequency with which they are reviewed are not always clear either.
The proper risk management methodology needs to be defined, in which the organization’s employees participate in the identification and evaluation of risks.
With HumanOne, you will discover how to conduct your risk analysis and identify the most appropriate method for your context.