** Juanita Koilpillai is Founder & CEO of Waverley Labs and President of the Digital Risk Management Institute

(link to Part 2 and Part 1)

Part 3 of 3

Digital business is at risk when reactive security monitoring and response is too slow, practitioners simply have too much data to identify what is important, and practitioners do not know how to protect their critical assets. The evolving attack continues under the radar until the incident is declared and incident response measures are initiated. At this point in time data has been compromised, operations have been disrupted, and the cost of the response has increased exponentially. Because digital business is even more dependent on automated, internet-facing business functions with users and devices that are not inside the enterprise firewalls, the industry needs a new approach to monitoring and managing the risk to digital business.

Digital risk management requires a methodology for defining and quantifying digital risk and a proactive monitoring solution taking input from a SIEM and wide range of other sources that includes the ability to automatically process volumes of data against a smaller universe of high risk digital transactions, interactions, and processes that are core to the digital business of any organization.

A new model is emerging for digital business – a model that will provide the Board and business leaders with a presentation of risk that are easily understood. This information will enable:

  • Prioritized spending on tools and human capital
  • Focus on a smaller number of high risk transactions and interactions
  • More predictable ability to protect critical assets
  • Faster and more effective response

The Digital Risk Management Institute recently introduced this new model – the industry’s first Digital Risk Management framework (DRMf) – for C-suite and Board-level executives who seek to understand digital risks to their business in quantifiable terms in order to proactively manage them effectively.

The new DRMf provides them with a prescriptive, unified approach to measuring and managing digital risk across the enterprise. Ultimately the framework becomes foundational for managing risk across various functions by relying on the quantification of the business impact of digital risk. This effort enables business leaders to understand the risk profile of their operations and for the organization as a whole to prioritize risk mitigation decisions based on the level of operational and financial risk.

For more info, consider joining the DRM Institute. Visit this DRM Institute page to become a General Member. Once you are a General Member you can join the General Member LinkedIn group and also apply for Charter Member status.

Watch this blog for additional updates.