Data

How do you begin to understand your security risk culture?

As the old adage goes, “culture eats strategy for breakfast”. A great security risk management strategy will go nowhere if your organization doesn’t have the right culture to implement it.

So how do you go about understanding what your culture is, and what the gaps are between this and where you want to be? Chances are, you’ve already got the data you need to back up what you’ve seen from your experiences and conversations. You can use this data to highlight behaviors, outcomes, trends and hotspots in your organization’s security risk management.

 How have you addressed understanding and changing security culture in your organization?

culture data.png

Are you using data operationally, or are you using data to improve business performance?

New research from Marsh and RIMS shows the majority of Risk Managers are using risk management data for operational tasks such as insurance renewal decisions, providing data to external parties and for ad-hoc enquiries and situations. Only a minority are using data to support strategic planning, improving long-term operational performance and making adjustments to risk management strategy.

How do you use risk management data in your organization, and does it align with your security risk management goals?

Risk management data use.png

How successful is your organization at having data-driven security conversations?

Security management questions may seem straightforward, but quickly and accurately responding to them often involves a lot of behind-the-scenes manual data gathering, processing and analyzing.

Organizations are dealing with more security data than ever before, which can easily overwhelm these manual processes and make it even harder to use data to drive security risk management decisions. A more streamlined approach using cloud-based management platforms would actually enable your organization to make the most of the growing amount of data, perform quicker analyses and provide a more immediate and accurate overview.

What’s holding your organization back from taking a more data-driven approach to its security risk management?


Security risk management and data management