James Bone

By: James Bone
Subjects: Computer Science & Engineering

James Bone introduces the first Cognitive Risk Framework for Cybersecurity and Enterprise Risk Management as a complimentary component of a more resilient risk program.  Every risk framework is focused on process, procedures, and policies but ignores the challenges humans bring to the equation.  No risk framework before has provided a path for how to incorporate the human at the center of better risk governance.  

After conducting research on the Cyber Paradox, which is a conundrum of rapid growth in cyber risk while organizations invest billions on cyber security, I wanted to learn shy this paradox continues unabated. What I found is that the human element is the easiest path to bypassing information security controls and may be one of the key answers to responding to improving security.  Cognitive Hack: The New Battleground in Cybersecurity....the Human Mind sets the context for why a new risk framework is needed.

The 2016 US presidential election brought to the public awareness a new risk that is still not well understood but has been part of the history of the internet from the beginning.  Researchers from Dartmouth University coined the term, "Cognitive Hack" which is an attack on the behavior and action of individuals at the human-machine interaction.

By: James Bone
Subjects: Computer Science & Engineering

The market for risk technology is fast approaching its 20th year anniversary driven by increased regulatory mandates and complex organizational risks.  Risk technology is a global market that has rapidly evolved over the last 20 years from single solution providers into platforms with cloud features and advanced analytics.

The term “GRC” (governance, risk & compliance) has also undergone a metamorphosis in attempts to describe aspirational solutions that have yet to fully live up to the goals of GRC users. Terms such as; enterprise risk management, integrated risk management, RegTech, InsureTech, and even FinTech are interchangeably used in a confusing alphabet soup of marketing jargon that fails at providing information about the tools themselves.

As the number of new GRC entrants have entered the marketplace with improved features and benefits it has become harder to evaluate which solution is best for organizations across all industries.  It is with this back-drop of change that TheGRCBlueBook sponsored a User Sentiment survey. 

The Global GRC User Survey is intended to gauge how risk professionals feel about these solutions. The survey was limited in size and scope and is not intended to imply accuracy or direction in the GRC marketplace.

A more robust study of advances in risk technology and risk practice will be conducted over the next 12 months.  If you are interested in participating in the advanced risk practice study please click the link above. Emails will only be used for the survey and to send a confidential copy of the final report.  An Executive Summary will be provided to the public.

This report is a snapshot of User Sentiment over the last 5 years.