5 Steps to Effective Vendor Risk Management
The term “vendor risk” covers all aspects of threats to your organisation and your customers posed by an outsourced relationship with a vendor and the products or services they provide. …
Why being compliant isn’t the same as being secure
In the world of cybersecurity, two terms that are often used interchangeably are “security” and “compliance.” However, they are not the same thing. As cyber threats increasingly become a business-critical issue for all organisations, it is time for organisations to step up from simply being …
Why Diversity and Inclusion Matter at C2
Diversity, Equity, and Inclusion Q&A with Jonathan Wood, CEO C2 Risk. According to People Management, diverse teams are 87% better at making decisions and further statistics found that those diverse teams deliver 60% better results. This highlights that inclusive decision making can bring about faster …
How much do you really know about your extended enterprise?
Information risk is something that businesses everywhere are having to face, and with risk comes responsibility. All organisations now generate, process and store vast amounts of information to maximise the returns from their investments. But, who is responsible for defining an acceptable level of risk …
Cyber Security, is it a core part of your ESG?
With the costs of a data breach rising by 10% between 2020 and 2021, the global average cost to a business now sits at a huge £3.93 million. With these figures focussing board attention and the news of data breaches hitting the media every day, it’s no …
Comparing CIS 20 & ISO 27001
The CIS20 (Critical Security Controls) framework and ISO 27001 (2013 and now 2022) are both standards that provide guidelines and best practices for information security management. However, there are some key differences between the two. …