Switching from traditional risk analysis methods like ordinal lists or red-yellow-and-green charts to more modern approaches like risk quantification requires a paradigm shift in how you think about measuring risk, but the increased accuracy, specificity, and reliability you’ll gain by doing so pays dividends.

On this episode of GRC & Me, Netflix’s Tony Martin-Vegue join LogicGate’s Chris Clarke to explore the best ways to navigate this transition, how to learn and leverage popular risk quantification frameworks like Open FAIR, and why you shouldn’t completely throw your colored charts out the window just yet.

They say it takes a thief to catch a thief, so why not a hacker to catch a hacker? 

That was the premise behind Ted Harrington’s Independent Security Evaluators, a company dedicated to poking holes into other companies’ cyber defenses — for the right reasons, of course. On this episode of GRC & Me, Ted takes LogicGate’s Chris Clarke on a journey down the benevolent hacker’s rabbit hole, where they discuss:

• The difference between white box and black box testing (and which is better.)
• Why carrying these exercises out can build trust and become a competitive advantage in third-party risk assessment.
• Why it’s important to shift your mindset from one that views security as an obstacle to one that views it as an opportunity.
• Uncovering the unknown unknowns in cybersecurity.
• How “defense in depth” strategies can put security teams a step ahead of threat actors.
• The four traits that lead hackers to be successful, and why thinking like one can be an effective way to bolster your cyber defenses.

Few careers involve managing as much risk as one where you’re responsible for launching humans riding gigantic rockets into outer space. That’s exactly what Barrios Technology Chief Strategy Officer Ginger Kerrick did during her three-decade career working for NASA.

On this episode of GRC & Me, Ginger joins LogicGate’s Chris Clarke to discuss methods for developing methodical, standardized thought processes for risk decision-making in high-stakes scenarios, how NASA employees are trained to separate logic from emotion, how disasters can inform future mitigation planning, and why the most important part of managing risk is having the right leaders in place.