The Cyber Threat Perspective

Episode 115: How to understand and address risk w/ Robert McElroy

Nov 20, 2024

In this engaging discussion, Robert McElroy, VP at SecureIT 360 with over a dozen years in security governance, shares insights on understanding and managing organizational risk. He dives into the distinction between risk and incident management, emphasizing the need for contextual assessments in cybersecurity. McElroy explores the importance of identifying critical systems, ongoing evaluations, and the role of senior management in prioritizing risks. He also highlights the intricacies of risk management in M365 environments and the value of KPIs in measuring effectiveness.

40:25

Episode guests

Robert McElroy

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Understanding risk involves differentiating vulnerabilities from threats, emphasizing the need for contextual evaluation in risk management.

Cost-effective risk management ensures that mitigation expenses align with potential losses, optimizing resource allocation within organizations.

Deep dives

Understanding Risk Management

Risk is defined as the potential for negative outcomes, which opens the conversation around risk management. Many organizations often confuse risk with incident management, which deals with past problems, whereas risk management focuses on future threats. A proper understanding of risk involves differentiating between vulnerabilities and threats; vulnerabilities are weaknesses, while threats are potential exploiters of those vulnerabilities. A foundational component of risk management is being able to assess the likelihood and potential impact of identified risks.

Intro

3min

Understanding Cybersecurity Risks

5min

Navigating Cybersecurity Risks

11min

Optimizing Risk Management Processes

14min

Navigating Risk Management in the M365 Environment

2min

Measuring Risk Management Effectiveness

5min

In this episode, we discuss the broad concept of risk, what it is, and how to manage it. This episode is a great way to begin understanding how to develop an overall risk management strategy at your organization or understand how a risk management program might work for you.

You find out more about what Rob and his team can do here:
https://www.securit360.com/services/managed-services-consulting/
Reach him directly here:
rob@securit360.com

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://twitter.com/cyberthreatpov
Work with Us: https://securit360.com

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

The Cyber Threat Perspective

Episode 115: How to understand and address risk w/ Robert McElroy

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Understanding Risk Management

The Complexity of Vulnerability Rankings

Cost-Effective Risk Management Strategies

Monitoring and Improving Risk Controls

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

The Cyber Threat Perspective

Episode 115: How to understand and address risk w/ Robert McElroy

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Understanding Risk Management

The Complexity of Vulnerability Rankings

Cost-Effective Risk Management Strategies

Monitoring and Improving Risk Controls

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights