I managed to keep up the pace of 1 post every 2 weeks throughout 2024. Just when I think I might be running out of ideas, and the backlog of topics is running low, then something always manages to come up. I’m grateful I continue to be in a position at the nexus of various fields (technology, a range of customer sectors, government, academia and investing), of various disciplines (risk, resilience, security, privacy, compliance and trust), all while being somewhat in a front row seat for th...| Risk and Cyber
If you work for a large organization, especially public or otherwise regulated companies, then you may well have faced the prospect of developing a risk appetite statement. You might have been enthusiastic about this or possibly compelled by a Board member, a regulator or auditor to do it. This can end up being a "check the box” exercise to develop some abstract statement that no one really uses or values. But it doesn’t have to be this way. Risk appetite, or more specifically, definitio...| Risk and Cyber