Learn to Assess Third Party Risk (GRC Skills)

Рет қаралды 18,684

Gerald Auger, PhD - Simply Cyber

Күн бұрын

Пікірлер: 62

@TRD_Mike Ай бұрын

As someone who's currently studying for my CySA+ exam, this video on risk analysis was just perfect. Thanks!

@SimplyCyber Ай бұрын

Good luck on the exam! 💪

@rokkr Ай бұрын

I had a blast with this room, and to be honest, for me, it was hard, it seems I didn't give GRC enough importance until now and I am even more interested on the topic after having a massive headache. But the cherry on top was looking at Mr. Auger acting like a schoolgirl on a Taylor Swift concert when he saw the spreadsheet. You rocked this one!

@SimplyCyber Ай бұрын

lol. Great analogy

@atharvavlogs1446 Ай бұрын

GREAT VIDEO AND TUTORIAL.

@SimplyCyber Ай бұрын

Appreciate the love!

@Rafa-7thS0n Ай бұрын

I had fun with this room lol

@abdisamadjoe Ай бұрын

Keep up the good work, Gerald Auger!

@badcrab7494 Ай бұрын

FYI I didn't understand that bowling analogy at all.

@SimplyCyber Ай бұрын

basically cis 18 is a lightweight, easier to understand and have success infosec framework. NIST CSF is a bit harder to implement and understand but is more robust and 'prime time'.

@CWhitlock95 Ай бұрын

Love the energy and teaching style plus 💥#GRC_MAFIA 💥

@Zelousfear Ай бұрын

People showing up for the first time, scratching their heads at all the calls for Carl!

@SimplyCyber Ай бұрын

hahaha. #teamSC

@michaelanim7024 Ай бұрын

😂😂😂yep #TeamSC

@cpatocybersecurity Ай бұрын

Awesome elevation and myth busting for both GRC and spreadsheets! Both can make an outsized impact to fit-for-purpose tasks. For GRC it’s about interfacing between the business and technical teams to prioritize limited resources against unlimited cyber threats. With spreadsheets its about ad hoc data analysis to extract actionable insights from large and disparate data sets. There’s a reason Excel is one of the most searched for topics in e-learning. Both GRC and spreadsheets get a bad rap, especially when applied to the wrong context or when done poorly, so it’s great to have Simply Cyber breaking down barriers and showing the way.

@SimplyCyber Ай бұрын

Appreciate you breaking it down, well said! 💙

@Bayle-s9e 28 күн бұрын

Love the channel and the community. However, at about 12:30 and onwards you go on about risk assessment, which this resource just performs as Likelihood x Impact. There's tons wrong with that approach, not in the least because ordinal scales like that don't operate that way. You should really look into more refined/quantified risk assessment methodologies (e.g. FAIR/FAIR-CAM).

@SimplyCyber 28 күн бұрын

appreciate the feedback. it was a gamified challenge to introduce the concepts to people, their first GRC room on THM. FAIR is great too.

@gurpchirp 19 күн бұрын

i can't describe how much i hate this room, lol.

@Ag3nt_57 Ай бұрын

#TEAMSC LFG!!!!

@SimplyCyber Ай бұрын

#teamSC!!!

@cheesecakesan4792 21 күн бұрын

See how you counter data breach with back-up😂

@Lahmikhara Ай бұрын

Loved the energy! You made me curious about a job I didn't even know existed.

@SimplyCyber Ай бұрын

Go for it!

@zigaudi Ай бұрын

Great video and task!

@SimplyCyber Ай бұрын

Thank you so much. I love doing these videos every year! I'm day 10 too!

@dianarodriguez6026 Ай бұрын

Perfect time. Just the niche I am going into within GRC. Risk assessment ❤

@Dan-q4p7y Ай бұрын

you made GRC interesting and understandable, Thank you sire!

@SimplyCyber Ай бұрын

Appreciate that, glad you got something out of it!

@flakeinator1979 Ай бұрын

#TeamSC!!! Thanks for the great video and information...just like the daily threat briefs.

@SimplyCyber Ай бұрын

Appreciate the kind words! #TeamSC strong 💪

@richpoorworstbest4812 Ай бұрын

No GRC.... no regulated industry..... people moan but without it .. we are more screwed than people realize

@isaacodumbo300 Ай бұрын

sign an NDA

@StudyGRC Ай бұрын

Such a great video, thank you for the walkthrough! 💥#GRC_MAFIA 💥

@SimplyCyber Ай бұрын

Glad you liked it! #GRC_MAFIA is strong 💪

@isaacodumbo300 Ай бұрын

how many vendors should typical asses for a product?

@SimplyCyber Ай бұрын

Depends but 3 is good if open bud, typically business is bringing you their choice and you find 1 or 2 alts to have a fair run off

@isaacodumbo300 Ай бұрын

@@SimplyCyber thank you

@jgold96 Ай бұрын

Awesome stuff!

@SimplyCyber Ай бұрын

Glad you enjoyed the video! Thanks homey!

@CyberGingerGuy33 Ай бұрын

Great video !

@SimplyCyber Ай бұрын

Glad you enjoyed, important stuff.

@isaacodumbo300 Ай бұрын

reputational damage

@nikkirawal3822 Ай бұрын

Thanks for the videos and give us the brief such kind of knowledge 👍♥️

@SimplyCyber Ай бұрын

Appreciate you watching and commenting.

@Macj707 Ай бұрын

CHEF WUZ HERE!

@DerekDarcy Ай бұрын

#TeamSC

@jessekela165 Ай бұрын

How is one supposed to go through the assesment if one answer goes wrong? Refresh page and start over?

@SimplyCyber Ай бұрын

i show it in the video.; click the little pencil in the top right and change the value.

@jessekela165 Ай бұрын

@@SimplyCyber Wow for some reason it was not functioning first attempt.

@sauceymitts137 Ай бұрын

Steel Lion question 3 is giving me hell

@SimplyCyber Ай бұрын

you can get a hint from the response. if it says too much risk, then back up the Likeliihod or impact a few, if it says something like a 'slightly higher risk' then back up the L/I one.

@sauceymitts137 Ай бұрын

@@SimplyCyberI solved it right after this post. It was a 1-4 so was tough to get at first