
Risk Assessments are Forever! – Gokulavan Jayaraman – CISO BYTES

by CISOCONNECT Bureau

A risk assessment is a process to detect potential threats, prioritize them, and analyze what could happen if they occur. It is a continuous process: doing it only when issues arise, or on a quarterly or half-yearly basis, leaves us temporarily blindfolded. Remember that during such blindness your business is vulnerable.

Remember that the following items, among others, directly provide credible technical risk inputs to your assessment process:

1. Vulnerability & Penetration Testing (VA/PT)
2. Attack Surface Analysis (ASA)
3. Log Analysis (SIEM/SOAR)
4. Subject Matter Expert Analysis (SME)
5. Data Privacy Impact Analysis (DPIA)
6. Audit Input Analysis (Internal/Third Party/Agency)
7. Security Operations Centre (SOC) / Network Operations Centre (NOC) Inputs
8. Incident Management Inputs.

Contributed by
Gokulavan Jayaraman, Information Security Manager, Lumina Datamatics Ltd.
