Tag Archives: Cyber Risk Management

Institute of Risk Management East Africa Regional Group partners with Serianu Ltd to grow local cyber risk talent

The Institute of Risk Management’s (IRM) East Africa Regional Group (a member body of the IRM in the UK) and Serianu Ltd have agreed to work together on addressing the huge deficit of qualified risk managers in the region coupled with local public and private sector organisations needing critical hand-holding to ensure risks and opportunities within organisations are effectively identified and managed.

The collaboration is bidding to develop a fundamental home-grown cyber risk management framework for the African context which aims to increase the number of competent risk professionals as well as enhance excellence in cyber risk management and reporting.

Serianu Ltd is a pan-African cyber security consulting firm. The business has signed a Memorandum of Understanding (MoU) with the IRM that will engender collaboration on research, training, community out-reach and policy design.

IRMLogo

According to Dorothy Maseke, chair of the IRM’s East Africa Regional Group, Kenya especially needs 1,000 qualified risk management professionals annually, yet over the last three years the population has grown from just under 20 to around 120 today.

“Risk management is a relatively new field of professional practice yet, locally and globally, there’s a major shift by regulators to entrench high risk management standards,” explained Maseke. “Risk has become a core reporting requirement by management as well as a key responsibility of Boards of Directors. For instance, Kenya’s public sector is guided by the Mwongozo Corporate Governance Code which sets out compliance parameters.”

New specialism

Maseke added that risk management had emerged as a new specialism as a result of changing business and public sector operating environments that have shone a spotlight on governance mechanisms. At the same time, the practice of risk management is increasingly credited with identifying great opportunities for innovation even as it seeks out issues that would derail any organisation from achieving its goals at any one time.

DorothyMasekeIRM

Dorothy Maseke

Threats and opportunities have been a standard in every organisation’s overall strategy for several decades, but now for the first time in corporate governance history, this is firmly set in the risk manager’s scope of work and monitored daily. Maseke noted that, in this way, organisations are also able to clearly assess and derive the benefits from investing in their systems and processes.

Carol Misiko, the East Africa Regional Group’s secretary, added that cyber risk is no longer a back-office IT team issue (although they clearly play a vital role). Misiko noted that today’s enterprise risk management function needs to be able to understand this constantly evolving risk, but also manage, monitor and report on this emerging risk.

Common interest

Speaking during the MoU signing ceremony, Serianu Ltd’s CEO William Makatiani observed that the two institutions have a common interest in growing the knowledge of Boards of Directors and senior management so that they have a strong grasp on emerging events and issues that may affect their organisations.

“We’re collaborating with the Institute of Risk Management to give directors and managers tools and methods that empower them to have a better grasp of cyber risks and opportunities they can exploit,” stated Makatiani. He added that, generally – and especially so in the public sector – the degree of compliance is still quite low and that many highly regulated private sector organisations are yet to get to cross the 50% mark.

Advertisements

Leave a comment

Filed under Risk Xtra

Advent IM outlines detail for ‘Cyber for the C-Suite’ Breakfast Seminar

A breakfast seminar created exclusively for business leaders and senior Board members seeking guidance on the present cyber security threat is to be run by security consultancy Advent IM at the company’s Training Centre near the M5, Birmingham on 7 December.

With many years’ experience in senior level consulting, training and mentoring, the seminar will be delivered by Advent IM’s managing director Mike Gillespie, who’s also director of cyber strategy and research for The Security Institute. As a director, Gillespie understands the place of senior leadership in cyber resilience and risk management.

The seminar is designed to promote and enhance understanding of the organisational threats that Boardrooms need to factor into resilience strategies. Attendees will also have first access to places on the forthcoming training course, again exclusively for senior leaders and the C-Suite, which will start in March 2017.

cybersecuritychallengeuk

Gillespie informed Risk UK: “The cyber threat landscape is high on the agenda of all Boardrooms. Many businesses have felt the impact of cyber attack, either directly or through supply chain partners. No size of business is immune and no kind of service spared the attackers’ attentions, with even hospitals being struck by ransomware.”

He added: “Recent research suggests that 82% of businesses say security is a CEO or Board-level concern, with two-thirds suggesting that they’re increasing cyber security spend. The additional spend is great, but without leadership and solid strategy it may not achieve anything near its potential, and cyber risk may not be reduced. We absolutely have to make sure Boardrooms are well briefed and understand how to go about effective cyber risk management.”

*Details of the seminar and how to book can be found at: http://www.advent-im.co.uk/breakfast-seminar-7th-december-cyber-security-awareness-for-business-leaders/. Alternatively, telephone 0121 559 6699 or 0207 100 1124 or send an e-mail to: bestpractice@advent-im.co.uk

Leave a comment

Filed under Risk UK News, Uncategorized