I joke about what GRC means. Apart from the IIA (who talk about governance, risk, and controls), everybody knows that the acronym stands for Governance, Risk Management (or ERM), and Compliance.
Today’s post contrasts two recent pieces. PwC shared some very traditional thinking in “Overseeing cyber risk: the board’s role”.
The European Union Agency for Cybersecurity (ENISA) has recently released its Threat Landscape 2021 Report, which identifies prime threats, the major trends observed with respect to threats, threat actors and attack techniques, and some suggested mitigation measures.