InsightsSuccess

Coalfire: Empowering Organizations to Manage Risks Effectively

With increased usage of the World Wide Web, security breaches are becoming a more common occurrence. The past couple of years have witnessed security breaches detrimental to the general public, multinational organizations and small companies alike.
Enter the Colorado-based cyber-security advisory firm Coalfire, which helps private and public-sector organizations avert threats, close gaps and effectively manage risk. The organization helps its clients develop scalable programs that improve their security posture, achieve their business objectives and fuel their continued success by providing independent and tailored advice, assessments, technical testing and cyber engineering services.
It’s All about Quality 
Coalfire employs a process-driven quality management system that ensures effective and repeatable project, staffing and contract management activities based on Capability Maturity Model Integration, Project Management Body of Knowledge, and ISO standards as well as industry best practices.
Through an emphasis on efficiency and quality, Coalfire strives to improve its clients’ experience, refine project metrics and deliver unparalleled results. The company prefers to keep its focus on a consistent approach to delivery and continually improve all Coalfire services through evaluation, internal audit and internal corrective and preventive measures.
Identifying Risks 
Coalfire advocates for creating a risk register where each risk is described, its severity is determined, ownership for risk mitigation is defined and risk mitigation tactics are clearly articulated. This risk register should be updated at least monthly, including progress reports on all existing risks along with any new risks that must be considered. A risk committee should then review the register monthly to track status on the existing and newly identified risks.
According to Coalfire, the primary categories of risk organizations should consider include:

  • Strategic: Does a risk pose a threat to the success of key strategic initiatives?
  • Financial: The unplanned costs or reduction of revenue a risk could present if realized
  • Operational: Does a risk pose a threat to how work gets done?
  • People: Aging workforce, talent gap for needed skills, health and safety, risk culture not well established
  • Reputation: Will the organization suffer damage to its credibility with the public or other stakeholders; will it impact customer loyalty/retention?
  • Technology: Exposes key infrastructure/data to theft/loss, cyber threats, impact of use of new technology such as cloud, AI/machine learning, big data analytics
  • Legal: Risk triggers litigation, contractual risks
  • Regulatory/Compliance/Privacy: Failure to comply can result in large fines. Examples include HIPAA, PCI, GDPR and the new California Consumer Privacy Act
  • Regulatory overreach: Too much (overlapping/competing) regulation leads to confusion, overspending and lack of ability to keep up and comply.

A Leader with the Mission of Reducing Enterprise Security Risk 
Tom McAndrew, the CEO of Coalfire, has over 15 years of leadership experience in information security strategies, assessment and audit for both commercial and federal sectors. He joined the organization in 2006, and since then has held key leadership roles spanning Sales, Service Delivery and Technical Testing.
Before joining Coalfire, Tom designed information security and weapons systems for Space and Naval Warfare Command, Naval Sea Systems Command and the U.S. Navy. He brings all this expertise to his leadership position, overseeing, in a hands-on manner, how the company helps enterprises identify and manage risks.
Coalfire’s mission is exclusively focused on enterprise risk reduction and management; Tom and the entire leadership team are focused on directing the organization toward helping customers achieve these aims efficiently and effectively. He is a highly visible thought leader, presenting frequently in private and public-sector speaking forums and contributing articles and commentary in the media, including the Wall Street Journal, Washington Post, Info-security Magazine and many others.
Monitoring Cyber Risks 
During its initial days, Coalfire’s business was formed to help organizations comply with emerging data security regulations, such as those imposed in the healthcare and financial services sectors. Although compliance with the ever-expanding list of data privacy regulations remains vital to Coalfire and its esteemed clients, the industry now recognizes that “compliance does not equal security,” and Coalfire’s services have evolved to meet this recognition. As a result, the organization has expanded from a compliance firm to one that offers a full suite of cyber-security services designed to help its clients identify, mitigate, and respond to cyber risks.
Coalfire believes that rapidly changing technologies, such as the cloud, combined with the ever-evolving cyber threat landscape, require organizations to view cyber risks as a critical business issue and not just a concern related to IT. As technologies and threats continue to change, Coalfire sees a continuous need to monitor cyber risks, leveraging tools and key business partners where practical, in lieu of just adding cyber-security professionals, who are increasingly in short supply.
Developing a Culture of Security
Coalfire believes that adequately identifying and prioritizing risks should begin with the development of a governance structure, which should be a risk committee chaired by the CISO or equivalent.
According to the company, it is important to develop a culture of security where employees are all encouraged to report issues they see that pose potential risk to the organization without any fear of reprisal, but rather with the blessing and encouragement of senior leadership. The support of the board and/or executive management is critical; they need to clearly articulate the importance of security and reporting risks throughout the organization.

© Copyright 2022, InsightsSuccess | All Rights Reserved.
