Category Archives: Integrated Risk Management

When Gartner released the magic quadrant for integrated risk management (IRM) in 2018 rather than for governance risk and compliance (GRC), members of the information security community were shaken as well as relieved. As we’ve covered befor… Continue reading Integrating Governance, Risk, and Compliance→

As cybersecurity is elevated to a Board- and CEO-level issue, the role it plays in overall enterprise risk management is is becoming more apparent. With that comes a need for an integrated risk management approach for information security teams – … Continue reading An Integrated Risk Management Approach Needs (And Goes Beyond) IRM Tools→

This month, in part three of our Lies GRC Is Telling You Series, we’ll be diving in to the second lie: your cyber program is complex, therefore you must need a complex solution. I struggled with this one given the fact that it was difficult … Continue reading GRC’s Complexity Bias – Do Complex Programs Need Complex Solutions?→

It is no secret that cybersecurity has mystified many members of the C-suite since the function was introduced. With headlines dominated by breaches and hearings of information security shortcomings, as well as Gartner’s prediction that by 2… Continue reading CEO’s – Do You Know Where That Infosec Report Came From?→

Last month, we covered how legacy GRC products and new integrated risk management (IRM) solutions can co-exist and in fact compliment each other. That said, in order for them to compliment we have to acknowledge that there is a distinct difference… Continue reading Legacy GRC And The Sunk Cost Fallacy→

As with any position, there will be different types of people that hold the CISO position. During our conversation with Rick Lemieux, CRO of itSM, we dove deep into the three archetypes of CISO that have emerged: the Visionary, the Teacher, and th… Continue reading The Tale Of Three CISOs And The Skills They Bring→

“Digital transformation may come in many forms, but the result is always the same – organizational change.” Rick Lemieux, CRO of itSM solutions, began our conversation with CyberSaint CRO, Jerry Layden, with the crux of what has become… Continue reading The Two Keys to Changing Organizational Culture→

Data is only as good as what you are able to do with it. In a cybersecurity program, the audits and vendor risk assessments that we conduct are only as good as their ability to empower us to make decisions. Too often, risk and compliance solutions… Continue reading Cybersecurity Dashboards That Empower Decision Making→

Day two of RSA and booth number 1641 is bustling. In fact, the entire Expo Hall is awash with new product announcements, compelling demos, and striking amounts of swag. The CyberSaint team has been exploring the neighborhoods of Moscone Hall since… Continue reading CyberSaint at RSAC 2019→