Security Risk Assessments - You Don't Know What You Don't Know

Articles
Published:
July 15, 2021

Threat, vulnerability, likelihood, consequence, and risk. For those operating in today’s business environment several of these are a moving target.  While we often think we understand the threats our corporations or private families face, and we believe (or should know) that our countermeasures will thwart any attempts by adversaries to penetrate those defenses – the reality is, you don’t know what you don’t know.When was the last time you commissioned an independent third-party to conduct a risk assessment for your corporation, private family, or family office?  One year ago? Five? What has changed since that last assessment? Geopolitical winds have shifted, a global pandemic has upended supply chains and travel, and social unrest has created new menacing threats, highlighted expanding cyber vulnerabilities, and blown holes in our once-sound security policies and procedures. Do you feel like your last assessment is still valid among all those changes?Especially today, after many employees now work from everywhere. The risks to them in their specific location and the increase in cyber vulnerabilities by working away from the office are significant. Companies must work to strike the balance among policies, procedures, and privacy. To inform this balance, reassessments of vulnerability are critical as now many of the inherent protections at the office (guards, gates, access controls, video, and intrusion systems) are no longer present in employees’ homes (or wherever they are working).For those that have never completed an assessment, the compliance and governance environment should be driving you to do this key task now. Why wait? If one has never looked for threats, identified vulnerabilities, or assessed risk -  you truly are in the dark with regard to not only what might happen tactically, for example, a tornado hitting the office building, an active shooter, or a ransomware attack – but you are even more unaware of the strategic impact by omitting this risk management tool from your list of annual reviews. And, if you are reading this article – now you know. You know more now than you did five minutes ago… and you know you are at risk.  Because when it comes to security risk assessments, you don’t know what you don’t know, especially if you have never bothered to look.How exposed is the enterprise? The Family Office? The CEO’s second home, or their travel arrangements? Is the network, or his/her devices protected against current threats?  How would you know? By completing a security risk assessment, that’s how. Hire a professional company that completes this work as an independent third-party security consultant. Red Five has been doing this work for 17 years, conducts this work consistently, with professionals, and provides actionable results, so that you can take away the unknown risks…and know what you didn’t know.

Subscribe for Cutting-Edge Security Insights!

Get the latest news, expert insights, and exclusive updates right in your inbox.

By clicking Sign Up you're confirming that you agree with our Terms and Conditions.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Related Posts

What is IRS 132 Assessment?

IRS 132 Assessment allows for corporations to have an assessment conducted by an outside, independent third-party.
August 13, 2021

Five Organizations to Donate to This Holiday Season

Kris Coleman highlights five incredible organizations to donate your time and money to this holiday season.
November 23, 2022
Managed Intelligence

Red5 Security Bolsters Senior Leadership with Public-Private Sector Heavy Hitter

Karna McGarry, Former CIA Intel Analyst & Intelligence Community Attorney Joins as Red5 Security as Vice President of Managed Services.
October 4, 2023

Let's discuss your security.

Partner with Red5 for unmatched intelligence and analysis expertise tailored to your needs.