PSiReN-X · @PSiReN
3 followers · 734 posts · Server vmst.io
#Tragically, #MisterDen; this is #NotNews...
Would you like me to do a #DeepDive on the #RiskRegister...?
#BeWarned: You're not going to like it...
π§βοΈπ€πΊπ€βοΈπ§ | π π¦Ήπ«π»π«π¦Ήπ
#tragically #misterden #notnews #deepdive #riskregister #bewarned
Clean Air Classrooms UK · @CleanAirClassrooms
367 followers · 1680 posts · Server mastodon.worldRT @mishwoz@twitter.com
@CleanAirClassrm@twitter.com @educationgovuk@twitter.com @BRE_Group@twitter.com @UK_CleanAir@twitter.com @IAQWP@twitter.com When it is well known that existing school building stock is in a state of disrepair Β£13billions #Unsafe #Riskregister
And the majority of rely on natural ventilation only
https://twitter.com/CleanAirClassrm/status/1525578282590158849?s=20&t=-byRYD2vVuAEQ7BXqr5CuA
π¦π: https://twitter.com/mishwoz/status/1619680474225586182
Mike Rose · @MikeTRose
533 followers · 739 posts · Server saturation.social
Jason Yip · @jchyip
635 followers · 789 posts · Server mastodon.onlineThere is no point in adding something to a #RiskRegister if you have no intention of doing anything about it. That's just CYA theatre.
Sten Eikrem · @Storesteinen
43 followers · 67 posts · Server infosec.exchange@fifonetworks I agree that the explanations in most certifications are bad. I'm currently working on #cRISK and the language there is at the best of times unnecessary heavy and complicated.
I find it sad but understandable that respected online dictionaries can't tell the differences as well. Most folks can't. Its just a fact.
However would you agree that a common language and understanding of #risk terms is crucial to have a meaningful common discussion on what to do and what to prioritise in #cyber?
Unfortunately this is not my experience, even in the same organisations and teams.
This makes meaningful discussions in a topic already complex almost impossible.
From what I've come to understand over the years is that #threat (and related #threatactor (s)) is just one building block or component of #risk. The other ones is the #asset #control #vulnerability and #Lossevent / #impact.
If you cannot describe these building blocks together, then you don't have a #risk. You have something else, an #threat #lossevent #issue, #controldeviation #problem #a-thing #something. #a-list-of-things-todo
But please do not call it a #riskregister.
When looking at the average #riskregister this is what most of them contains just that - #things.
#crisk #risk #cyber #threat #threatactor #asset #control #vulnerability #lossevent #impact #issue #controldeviation #problem #a #something #riskregister #things