• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About
    • Secure360
    • UMSA
    • Get Involved
  • Events
    • Secure360 2021
    • Student360
    • Past Events
      • 2020 Secure360 Twin Cities
      • 2020 Student360
      • 2019 Secure360 Twin Cities
      • 2019 Student360
      • 2018 Secure360 Twin Cities
      • 2018 Secure360 Wisconsin
      • 2018 Student360
      • 2017 Secure360 Twin Cities
      • 2017 Student360
      • 2016 TC Secure360 Conference
      • 2015 Secure360 Conference
      • 2014 Secure360 Conference
      • 2013 Secure360 Conference
        • 2013 Secure360 Conference Speaker Presentations
      • 2012 Secure360 Conference
  • For Sponsors
    • Secure360 Twin Cities
    • Student360 Sponsors
  • For Speakers
    • Secure360 Speaker Details
    • Student360 Speaker Details
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

Risk management: Overcoming the obstacles

December 26, 2013 by Secure360 and UMSA

iStock_000019128807MediumAs we make progress in risk analysis, utilizing better weather prediction equipment, remote sensing and satellite imagery, and systems for dealing with violence, it might seem that risk management would get easier. But the truth is, even with advanced technology and better understanding of risk assessment and prioritization, there are still many obstacles to managing risks effectively.

Lack of resources

Having the resources to act on all the information can be an obstacle to risk management. Even getting the information needed to act requires resources that many organizations don’t have. Identifying the risk doesn’t mean the finances are there to fully mitigate it. Up-front costs can be high and credit isn’t always an option. Organizations may not have dedicated personnel for managing risks fighting for that budget, and monies are more likely to go for day to day operations than a security measure for a potential disaster.

Defend your security budget. Know what you need and how to sell it to the c-suite so they understand the money is being well spent. Investing in security upfront to mitigate risk will likely cost less than dealing with fallout from a crisis the organization wasn’t prepared to deal with.

Dissemination of information

Information about risks may be available, but the people responsible for risk management may not be getting that information if there isn’t an established process for getting it to them. If the people receiving the information don’t understand what it means or what to do with it, it’s of little use in risk mitigation.

Having a team or at least one known go-to person for risk management, and educating staff about who that person is, what they do and what they need to know, will help ensure information is going to the right place. Risk management may not be in everyone’s job description, but everyone needs an understanding of their part in identifying and alerting the right people with information about risks. Put procedures in writing and make them available so everyone knows who to contact and what to do.

Lack of control

There will be factors of risk management that are simply out of your control. Your plan may rely on public goods and services that your organization doesn’t manage directly. Buying insurance is good way to mitigate the risk of financial loss in case of a crisis, but that only works if the insurance company doesn’t find a loophole or reason not to pay out on your claim. Be aware of areas you can’t control. If it’s reasonable, put a backup plan in place to cover any shortfalls.

You can’t anticipate every risk, and even if you could, you couldn’t possibly mitigate them all. Fix what you can. Prioritize your risks and focus on what you can do. Take note of where you can make a difference and focus energy and resources there while also identifying your major obstacles, and work diligently to get past them where you can.

Filed Under: Business Continuity Management, Cybersecurity, Risk and Compliance

About Secure360 and UMSA

The Secure360 and UMSA team is made up of professionals in the security and risk management industries. Topics of expertise range from physical security, IT, risk management, cybersecurity, cloud, information security and records management.

Reader Interactions

Comments

  1. Moein. Dorribakhsh says

    July 31, 2015 at 7:10 am

    Thanks.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. Marketing Envy
    Marketing Envy: [New Blog] 2020 saw in-person conferences evaporate, but with vaccines rolling out, 2021 could be different. H… https://t.co/4YONwZNsDa
    about 2 days ago

  2. Secure360 Conference
    Secure360 Conference: We are honored to be listed on the Top 20 Cyber Conferences for 2021 -> https://t.co/MnrQ3E5ifw
    about 4 days ago

  3. Secure360 Conference
    Secure360 Conference: Fascinating stuff about the shift from brick & mortar to e-commerce, from Diamond Sponsor @cisco! https://t.co/4GaYGQKZ1a
    about 6 days ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2021 Secure360. All rights reserved.