RiskXtraJune2019
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
News Update<br />
IRM brings Institute of Operational<br />
Risk into growing global risk<br />
management community<br />
The Institute of Risk Management (IRM) has<br />
announced that the Institute of Operational<br />
Risk (IOR) will be joining the IRM group. This<br />
news follows in the wake of a vote at the IOR’s<br />
Annual General Meeting held on Wednesday<br />
22 May in central London.<br />
The IRM’s objective is to provide education<br />
and training for the global risk management<br />
community and support the profession with<br />
cutting-edge thought leadership. The IOR has<br />
the same and complementary purpose focused<br />
on operational risk. Both organisations fully<br />
recognise that strong benefits and synergies<br />
can be achieved by coming together.<br />
The IRM will, in particular, provide full<br />
support for the promotion of the IOR<br />
Certificate in Operational Risk. This will<br />
become part of the IRM’s global portfolio of<br />
qualifications, complementing the<br />
International Certificate and Diploma in<br />
Enterprise Risk Management (ERM) as well as<br />
the new Digital Risk Management Certificate.<br />
In addition, the IRM will be funding a major<br />
joint research project to advance thinking in<br />
operational risk management and contribute<br />
towards further qualifications development.<br />
The IRM and the IOR are jointly committed to<br />
advancing the professional practice of<br />
operational risk management.<br />
The development of a global network of risk<br />
practitioners and professionals delivering<br />
value and service at a local and regional level<br />
is a key strategy of both the IRM and the IOR.<br />
The chapters and groups of the two<br />
organisations will co-operate at a regional<br />
level to provide global support for members<br />
and the wider risk management community.<br />
Importantly, the IOR brand is going to be<br />
retained and will continue to represent<br />
excellence in the practice and profession of<br />
operational risk management.<br />
Socrates Coudounaris CFIRM, chairman of<br />
the IRM, said: “The IRM has a long and<br />
productive association with the Institute of<br />
Operational Risk. We have built our<br />
partnership on the common ground between<br />
us and the joint interest we have in providing<br />
excellent education and training to the wider<br />
global risk community in ERM and in<br />
operational risk. Our groups and chapters<br />
complement one another. We believe it’s in<br />
the best interests of both organisations to<br />
further deepen and extend our strategic<br />
relationship. The exact form of the future<br />
strategy is currently under discussion, but<br />
we’re confident that whatever the direction<br />
taken the outcome will be a hugely positive<br />
one for the risk management profession.”<br />
Businesses “woefully unprepared”<br />
for cyber breaches due to lack of IT<br />
security and ops basics<br />
1E, the endpoint management and security<br />
company, has published ‘Getting Your House<br />
in Order’. The document contains research<br />
findings that showcase the considerable scale<br />
of security breaches and the challenges<br />
businesses still face surrounding cyber<br />
attacks. The detailed report concludes with a<br />
ten-point Action Plan for businesses compiled<br />
by cyber security expert Michael Daniel.<br />
With digital transformation on the rise and<br />
technology outpacing policy, companies must<br />
take the lead when it comes to securing their<br />
estates. While cyber security has received<br />
much fanfare – with global spend predicted to<br />
exceed $1 trillion through 2021 – the biggest<br />
gaps continue to endure in plain sight.<br />
Commissioned in partnership with Vanson<br />
Bourne, 1E’s independent study polled 600 IT<br />
decision-makers (300 from IT operations and<br />
300 specialists in IT security) from across the<br />
UK and the US. The research discovered that<br />
over three-quarters (77%) believe that they’re<br />
not extremely well prepared to react to a<br />
serious data breach. Over half (60%) have<br />
experienced a serious security breach in the<br />
last two years (31% more than once), while<br />
eight-in-ten claim that digital transformation<br />
increases cyber risk.<br />
Fewer than a quarter (23%) believe that<br />
their IT operations and IT security teams work<br />
together extremely well to secure the<br />
business. Nearly all (97%) believe that their<br />
organisation would benefit from better<br />
collaboration between these teams.<br />
On average, respondents to the survey have<br />
visibility of 64% of their organisation’s total<br />
software estate. Only 66% of this software is<br />
said to be current.<br />
Over three-quarters (77%) cite the belief<br />
that remote working will continue to be a<br />
security concern until organisations can find a<br />
way to effectively reach, patch and secure<br />
remote workers. The majority of respondents<br />
demand an investment increase in areas such<br />
as software migration automation (80%),<br />
breach response and remediation (67%)<br />
and/or software patching (65%).<br />
Sumir Karayi, CEO at 1E, told Risk Xtra:<br />
“Businesses are losing control of their estates<br />
because of fundamental issues such as the<br />
widening gap between IT operations and IT<br />
security and deferred responsibility.”<br />
7<br />
www.riskxtra.com>