Governance & Risk Management

Blog

There is no need for IT Risk Management

OK, that sounds a little provocative. And it should. But in essence, it is true, at least as there is no need for a IT-only Risk Management. What we need is an integrated Risk Management, which covers "enterprise" risks and IT risks. Why? Let's start with the types of risks. Risks might be…

Blog

The need for an integrated risk management

During our GRC Forum 2008 which we’ve held in Frankfurt, one of the important discussions was around the way risk management should be implemented. There was broad agreement on the thesis that IT Risk Management and Enterprise Risk Management can’t be separated – at least not beyond the part…

Blog

Governance, Risk Management, Compliance

GRC (Governance, Risk Management, Compliance) is presently a core topic for every mid-sized and large organization. The number of regulations is growing. Auditors are focusing on Corporate Governance and IT Governance, are asking for risk managements and are looking on access controls and…

Blog

The economic turmoil - and its relationship to IT Risk Management

I had a very interesting briefing with one of the vendors for Privileged Account Management today. Like in most briefings, we also touched the current economic turmoil. The discussion we had convinced the expectations I have for the GRC and IAM markets: They probably will not be that heavily…

Conference

Nov 18 - 19, 2008: Governance, Risk Management & Compliance (GRC) Forum 2008

Je komplexer die IT-Infrastruktur, desto angreifbarer ist sie und desto höher die Aufwände (und Kosten) für Compliance. Für die erfolgreiche Einführung einer unternehmensweiten GRC-Plattform ist es deshalb von entscheidender Bedeutung, einerseits deren Fundament in Form einer…

Discover KuppingerCole

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Blog

How to Train Your AI to Mis-Identify Dragons

This week Skylight Cyber disclosed that they were able to fool a popular “AI”-based Endpoint Protection (EPP) solution into incorrectly marking malware as safe. While trying to reverse-engineer the details of the solution's Machine Learning (ML) engine, the researchers found that it contained a secondary ML model added specifically to whitelist certain types of software like popular games. Supposedly, it was added to reduce the number of false positives their "main engine" was [...]

Stay Connected

Latest Insights

Hot Topics

Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00