As the National Institute of Security and Technology outlines, to manage cyber-risk, organizations should understand the likelihood that an event will occur and the resulting impact. With this information, organizations can determine the acceptable level of risk for delivery of services and can express this as their risk tolerance.
Darren Wray, CEO, Fifth Step, said in a new A.M. BestTV video that regulators have been demanding that financial services firms develop response plans to cyber-related incidents