Search Blogs
Essential stages of a third party risk management program
Developing and maintaining a third party risk management (TPRM) program can help to reduce the overall risk to your organization. What is TPRM? In short, it is the process of analyzing and mitigating risks associated with working relationships with outside entities. These parties can include everyone from contractors providing janitorial services to suppliers of a…
Four Things You Can Do Today to Improve Your Cybersecurity Posture
Cybersecurity is always changing and evolving as threats grow. Here are ideas that you can start on today that will help reduce your risk and improve your cybersecurity posture: 1. Require Multi-Factor Authentication Having multi-factor authentication (MFA) is essential for granting access to confidential data. It helps to reduce the risk of credential loss and…
Workshop Highlights: Navigating the World of Uncertainties Impacting Non-Profit Organizations
The 4th Annual GRF /NC State ERM Workshop for Nonprofits was held on February 23 and 24, 2023. Nonprofit executives and board members from across the U.S. came together to share their experiences and discuss strategies and tactics for strengthening enterprise risk management at tax-exempt organizations. Melissa Musser, Partner and Director of GRF’s Risk Advisory…
Getting Started with Cybersecurity Training
TLDR: End user cybersecurity training is essential for preventing malicious actors from gaining unauthorized access to your organization’s network. Creating a risk-averse organization involves making your staff aware of best-practices for identifying common attacks, like phishing scams. At the end of this article, you will find a cyber hygiene template and risk checklists for privacy,…
Internal Audit: Preventing Fraud through Travel & Expense Reimbursement Audits
Travel & Expense (T&E) reimbursement fraud can have a significant impact on your organization. The Association of Certified Fraud Examiners’ 2022 Report to the Nations found the average loss from an expense reimbursement scheme was $152,000. The report, which is based on a worldwide survey of Certified Fraud Examiners conducted between July and September 2021,…
Obtaining Cyber Insurance For Your Organization
By Darren Hulem, CISA, CEH, Security+, Supervisor, IT and Risk & Advisory Services As cyberattacks grow in frequency and complexity, organizations are asking, “Is Cyber Insurance worth it?” The short answer is “Absolutely!” Before contacting an insurance company, we recommend some research and due diligence to position your organization for reasonable rates. Coverages can vary…
Survey Highlights Pace and Complexity of Risks for Nonprofits
Enterprise risk management is becoming more common in the not-for-profit sector, but recent research finds that risk management practices are not keeping pace with the increased complexity of risks for nonprofits. On July 12, 2022, the Enterprise Risk Management (ERM) Initiative at NC State University published the 13th edition of its annual State of Risk…
IP Reputation: Are You Being Blacklisted?
GRF Cybersecurity Risk Assessment and Scorecard Blog Series Your organization’s reputation can be influenced by a variety of factors including brand image, online reviews, social media presence, customer experience, and more. Each of these elements factors into the overall image of the organization. When it comes to your internet reputation, important elements are different…
Brand Monitoring: Tracking Your Social Footprint
GRF Cybersecurity Risk Assessment and Scorecard Blog Series Have you ever wondered how end users view your company? Is your domain seen as safe and trusted? Is your website optimized? These are just some of the areas that business analytics tools assess to evaluate your brand. Every organization is adapting to the changing digital…
Web Ranking: How Do You Measure Up?
GRF Cybersecurity Risk Assessment and Scorecard Blog Series While web ranking is not necessarily a security concern, having insight into the popularity of your website helps measure the success of ad campaigns, assess visitor engagement with your content, and identify opportunities for growth. Web ranking sites include Alexa, Cisco, and Majestic, and each site…