Enhanced cyberrisk reporting: Opening doors to risk-based cybersecurity

Jim Boehm, James M. Kaplan, Peter Merrath, Thomas Poppensieker and Tobias Stähle

New cyberrisk management information systems provide executives with the risk transparency they need to transform organizational cyberresilience. Executives in all sectors have deepened their understanding of the dangers cyberrisk poses to their business. As hacks, cyberattacks, and data leaks proliferate in industry after industry, a holistic, enterprise-wide approach to cybersecurity has become a priority on board agendas. Read more

“Risk decision makers reserve particular criticism for governance-risk-compliance (GRC) systems. These complex software solutions can take years to implement and rarely produce a satisfying result. Like many risk-management systems, GRC software was created by technicians, and specialized expertise is required to make sense of the output.”