Cyber Risks - Building a secure system: Why do we need to do it? How do we get it? And where should we start?

Whether an organisation builds software itself, integrates third parties or just procures a solution, the risks of a poorly secured system will ultimately have a significant impact on the business. Secure systems engineering, is not something that usually gets prioritised against the need to get to market quickly or reduce costs, unless of course the business truly understands the risks.

This chapter from the latest book from The Institute of Risk Management  “Cyber Risks: Resources for Practitioners” covers the risks arising from poor security engineering. We look at the potential impact on the business, what steps can be taken to mitigate these and therefore what questions all risk managers should be asking their internal and external architects and developers, highlighting the potential impact of software development methods such as AGILE on secure development methodologies.

The full book is available for download via the IRM website or you can download a copy of our chapter titled “Building a secure system: Why do we need to do it? How do we get it? And where should we start?” below.