Cybersecurity Sense

No matter the industry—government, healthcare, financial, or even smaller, mom-and-pop businesses—each deal with some type of sensitive customer information, and each has decisions to make when it comes to managing risk. Most security and audit frameworks (HIPAA, ISO, PCI, NIST, SOC 2, etc.) have requirements for risk assessment, making them one of the first things auditors or regulators ask for. Many companies are still using spreadsheets when it comes to performing risk assessments, which can be ineffective and insecure. Such a lack of functionality can keep a company from moving beyond assessment and into true risk management. In this podcast from the Institute of Internal Audit meeting in Knoxville, LBMC Information Security’s Bill Dean and Mark Fulford discuss the importance of risk management, including the effectiveness of risk assessments and how BALLAST can help organizations automate the risk assessment process. Listen, and discover these key takeaways: Understanding what’s important to your organi