A Holistic Approach to Risk ManagementA Holistic Approach to Risk Management
Participants at last week's Financial Services E-Mail, Instant Messaging & Collaboration Summit, a cross-section of information security, audit, legal, and compliance experts, agreed that a successful risk mitigation and compliance program <a href="http://informationweek.com/story/showArticle.jhtml?articleID=22103604"target=_blank>requires taking a holistic approach</a> instead of attempting to tackle each risk separately.
July 6, 2004
Participants at last week's Financial Services E-Mail, Instant Messaging & Collaboration Summit, a cross-section of information security, audit, legal, and compliance experts, agreed that a successful risk mitigation and compliance program requires taking a holistic approach instead of attempting to tackle each risk separately.This applies to both to traditional credit and market risk, for which banks have developed a broad spectrum of tools and data to work with, and to newer forms of risks such as hacking attacks, phishing, and other types of malicious code, for which they have relatively little experience to draw upon. "All layers of the organization-legal, IT, compliance, and information security-have to be on the same page," says a technology risk executive at a top international banks. "The better job of working collaboratively, the more responsive we can be to business needs." Financial institutions are encouraging software vendors to build greater security into newer versions of their products, but they're also realistic about it. "Millions of lines of code exist in an operating system," says this executive. "There's a limit to what a vendor can do."
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023