Risk Management

Risk definition come in many forms and is often referred to as risk management. We find the easiest way to describe is simply as the possibility of something bad happening. Risk involves uncertainty about  an activity with respect to something that humans value, often focusing on negative, undesirable consequences. None of us want something bad to happen and it’s pre-wired in our heads to assess the risk of a situation that is presented to us.

High Risk Examples

Example 1, Giving remote access to your computer to a random caller claiming there is an issue and they can fix it.

Example 2, Clicking a random link in an email.

Example 3, Throwing away Credit Card, utility bill, medical bills, bank statements, or other sensitive information without appropriately shredding it. 

Example 4, Connecting to a random public Wi-Fi and browsing sensitive sites and logging in.

Risk is often learned over time. We don’t always know the risk that a given situation presents. If you’re new to computers, how could you possibly know that connecting to a Wi-Fi could put all of your information at risk?

Your Companies Risk

The companies you choose to do business with present a risk to your digital well-being. Understanding effective risk management techniques will help you stay safe. Financial Institutions, Banks, Credit Unions, Insurance Agencies, Debt Collectors (often out of your control), Your Doctor’s Office, etc. are all examples of companies that have a lot of sensitive information on you. If you’re even just a little worried about fraud, identity theft, or your personal information being stolen then it’s worth a quick look into the security posture of the organization. Dteckt offers you the ability to understand your risk based on the companies you do business with or may want to do business with. 

What Matters When Evaluating If My Information Is Safe?

There are a lot of components that matter and it’s not a small task to all of a sudden become an expert in every area that needs to be accounted for when assessing the risk of an organization.  At Dteckt, we believe that you can break down and understand a company’s performance by evaluating 7 Subjects. Those 7 Subject have more than 15 Topics as well as over 50 Criteria that make up a company score. What are the Subjects?

Technology

The Technology Subject is important in the world of security and privacy. Without a solid tech team focused on security, there’s no way a company can ensure, or even validate, that your information is safe. Companies who do well with the security aspect of technology understand what it takes to lock down devices, find compromises, keep the bad guys out, and ensure your traffic is encrypted when you choose to use their services. Believe it or not, there is an abundance of evidence that can be found online by using a free program to easily let you see the computer systems that belong to a company. From there, bad actors can find flaws in configurations and use those gaps to steal that company’s information.

Policies & Oversight

What industry is the company in, how big is the company, how many people even do security or privacy functions at a company, is the company regulated? Understanding the profile of the company quickly paints a picture as to whether or not they do things to protect your information. It’s generally a good sign that if a company has nobody doing a function that is intended to protect your information that they likely have nothing in place and would never know if someone stole your information. You should be cautious when engaging with those companies if you have a choice. If a company invests heavily in people and the best standards, they are likely to do a much better job.

Complexity

Imagine a 2 person company. Now picture Amazon. The complexity of managing a multi-national conglomerate is much more difficult than a 2 person company. Even though the tech giant does a lot to protect your information they are still large, complex, and a bigger target for bad actors. By understanding this one point, you already have a good understanding of how complexity plays a role.

Benchmark

Security & Privacy are ever evolving and require dedicated individuals to continue to perform. Comparing an organization to others’ performance can be very insightful. It can give a clear picture as to the choices that are available to you given a specific industry. How do all car dealerships perform? How do all medical offices perform? How do all banks perform? It’s very common for certain industries to perform better than others and at the end of the day, you still need to pick a company – you should pick the best one even if the industry performs poorly?

Customer Outreach

How frustrating is it when you can’t get in touch with someone at a company? If you can’t even get in contact with them for basic support, how do you think it would feel if your information was lost by that company and you were looking for assistance with protecting your identity? It wouldn’t be a fun situation. Customer Outreach is entirely geared towards evaluating a company’s commitment to the customer. 

Information Exchange

At the end of the day, there’s no way you can get complete visibility into how good or bad a company performs just from information on the Internet. You absolutely can get great insights and find glaring gaps, but there’s more to it. Security, privacy, and information protection are complex topics. The Information Exchange allows authorized individuals of companies to report on performance to alter scores to give YOU, the consumer, a more accurate picture into performance.