all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Do you add threats and vulnerabilities to your risk register?

Add to bookmarks
Nov. 24, 2023, 1:30 p.m. | /u/redbirdjr

cybersecurity www.reddit.com

Sorry for yet another GRC-related post, but this is for those GRC professionals with a functioning program (and not career advice):

I try to keep my risk register down to actual risks - things that can be represented with a threat actor, vector (optional), asset, and impact. Very much aligned with the FAIR ontology. A lot of concerns get sent to us that aren't actually risks but potential threats (a new threat group doing xyz) or things I would categorize …

actor advice asset career career advice cybersecurity down grc impact professionals program register risk risks things threat threat actor threats threats and vulnerabilities try vulnerabilities

Visit resource

More from www.reddit.com / cybersecurity

It's RSA week, so get ready for some of the dumbest cybersec shit to be … 4 hours ago | www.reddit.com
business ciso cybersec cybersecurity +6
China hacked Ministry of Defence, Sky News learns 6 hours ago | www.reddit.com
china cybersecurity defence hacked +2
Ring agrees to pay $5.6 million after cameras were used to spy on customers | … 11 hours ago | www.reddit.com
cameras customers cybersecurity malwarebytes +3
Apple’s iPhone Spyware Problem Is Getting Worse. Here’s What You Should Know 12 hours ago | www.reddit.com
apple cybersecurity iphone problem +1
Thoughts on forcing users to see aliases instead of emails in Microsoft? 13 hours ago | www.reddit.com
address alias cybersecurity email +7
Change Healthcare cyberattack: 5 technical takeaways from UnitedHealth CEO’s testimony 13 hours ago | www.reddit.com
ceo change change healthcare cyberattack +6
Is it worth it? What would you do? 13 hours ago | www.reddit.com
application course cybersec cybersecurity +3
20 Security Issues Found in Xiaomi Devices 14 hours ago | www.reddit.com
cybersecurity devices found security +2
Analysis of ArcaneDoor Threat Infrastructure Suggests Potential Ties to Chinese-based Actor 14 hours ago | www.reddit.com
actor analysis arcanedoor chinese +3

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Operations Program Manager

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Sr. Network Security engineer

@ NXP Semiconductors | Bengaluru (Nagavara)
View on infosec-jobs.com

DevSecOps Engineer

@ RP Pro Services | Washington, District of Columbia, United States
View on infosec-jobs.com

Consultant RSSI H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

TW Senior Test Automation Engineer (Access Control & Intrusion Systems)

@ Bosch Group | Taipei, Taiwan
View on infosec-jobs.com

Cyber Security, Senior Manager

@ Triton AI Pte Ltd | Singapore, Singapore, Singapore
View on infosec-jobs.com
View more jobs