Security News > 2021 > August > Why it's important to create a common language of cyber risk
The 2020 Global Risk Study by PwC said that nearly 50% of respondents believe their risk, internal audit, compliance and cybersecurity departments are hampered by not formulating a common view of threats and the associated risk.
"When we work with business partners and stakeholders, it's important to make sure we find a common language, so everyone understands the risk we're communicating," Schorr said.
A risk matrix is often used during risk assessments to define the level of risk by considering probability and consequence severity.
"Everyone using the same language shows investment across the board and a company-wide understanding of the organization's risk and how that risk can be used to generate a strategic advantage."
At first glimpse, creating a universal language of risk seems impossible, and it likely is.
Agree on a taxonomy: In this situation, taxonomy is the identification or naming structure used to clearly understand risk assessment, monitoring, remediation and creating a common vocabulary.