3rd Party Risk Management , Cloud Security , Governance & Risk Management
What's New in Updated Cyber Risk Assessment Guide?
Josh Magri of the Cyber Risk Institute Describes Enhancements to 'Cyber Profile'The Cyber Risk Institute this week is releasing a new version of its “Cyber Profile” risk assessment framework for the financial services industry that includes expanded information on third-party risk and cloud security.
See Also: Alleviating Compliance Pain Points in the Cloud Era
In a video interview, Josh Magri, founder of the institute, describes the updates in version 1.1 of the tool.
“One of the things that that the regulators are appropriately focusing on now is the area of third- party dependency management,” Magri says. “Further, a lot of the financial institutions were migrating toward cloud-based applications and platforms, but COVID-19 has really emphasized the need to use these platforms because of the remote locations that everybody's in.”
In this interview with Information Security Media Group, Magri discusses:
- The role of the Cyber Risk Institute;
- Updates included in Cyber Profile 1.1;
- How the shift to a remote workforce could shape more revisions in the profile.
Magri is the founder and managing director of the not-for-profit Cyber Risk Institute, which works to advance cybersecurity by creating and updating a common framework for cybersecurity and resilience assessment. Previously, he served as senior vice president and counsel for regulation and developing technologies at Bank Policy Institute/BITS, where he was the principal architect and co-lead of the FSSCC Cybersecurity Profile initiative.