Security Staff Acquisition & Development

Managing risk isn’t just for security teams

In the not-so-distant past, risk management was largely considered a challenge for company security teams. But in the last two years, risks have become too big and complex for InfoSec to handle alone.

Managing risk is a task for everyone, regardless of their roles and teams within the organization -- whether they work in HR, legal, finance or software development, or sit in the CEO’s office or on the board of directors.

Proactive but behind

The good news is that organizations increasingly get it, according to results from an online survey of 252 senior-level U.S. executives conducted late last year by CyberRisk Alliance Business Intelligence.

More than half of all respondents said they now have a proactive risk management approach designed to build up their cyber resilience.

But fewer than 20% of respondents have a real-time approach. Solving that challenge has been a key goal for Immersive Labs, a company that empowers organizations to continuously measure and optimize human cyber capabilities through its platform.

“Cyber resilience is no longer solely the responsibility of the geeks in the basement,” Immersive Labs CEO James Hadley wrote in a recent blog post. “Cyber risk affects multiple business areas, making organization-wide knowledge, skills and judgment vital.”

One data-driven approach across teams

Highly trained specialists from a variety of departments must work alongside each other, as one, to get ahead. The sum, Hadley said, is greater than the parts.

Also critical is the ability to track and measure data as it travels from one department to the next and back again. This is especially challenging when one considers how a real-time picture of a situation can change in a split second.

The team armed with the most up-to-date understanding of where their capabilities lie is the one that can adapt more effectively, Hadley said. 

The Immersive Labs platform gives organizations the tools to measure, map to risk, and optimize the human cyber abilities of their workforce in line with a security strategy.

It continuously tests, analyses, and improves the capabilities of technical and non-technical teams, allowing the expertise of the whole organization to meet ever-evolving risks.

For more information on Immersive Labs’ offering, please visit   

Bill Brenner

InfoSec content strategist, researcher, director, tech writer, blogger and community builder. VP of Content Strategy at CyberRisk Alliance.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.