Wednesday, September 5, 2018 at WebEx; Registration Required
Starts at 1:00 PM · Ends at 2:00 PM, EDT (America/New_York)
In today's world of risk management there is little differentiation between cyber risk and business risk. Furthermore, constant technology changes are introducing new risks on a daily basis. To address these risks, top-down risk management, with the ability to determine key controls, security architecture and appropriate spend distribution, is required.
Join experts from RSA and TUV Rheinland OpenSky in our upcoming webinar for a discussion around the next evolution in cybersecurity: translating cyber risk into financial terms to more easily incorporate cyber risk management as part of business strategy. This webinar will cover the foundations of a risk program required to begin leveraging the standard for quantitative risk management for IT and cybersecurity risk management: the Factor Analysis of Information Risk (FAIR) methodology. By leveraging the FAIR methodology, risk professionals can communicate cyber risk in the universal business language of money.
- Communicating cyber risk in financial terms
- How cyber risk quantification can help justify cost and rationalize spend of risk programs
- Understand concepts of key controls, investment rationalization, and board reporting
- Introducing security analytics to better establish probability of loss
- Foundational best practices to ensure your data is ready for use in a risk analysis using the FAIR methodology
Mark is an Information Security Executive with over 25 years of experience protecting a wide variety of assets while enabling business growth objectives. He has both engineering and architectural experience and is a frequent presenter to executive audiences. Mark holds a Bachelor’s in Computer Science and his qualifications include: Security Management certified (ISACA CISM), IT Risk Management certified (ISACA CRISC), Ponemon Fellow, DIACAP Senior Information Assurance Officer role, recognized by HIMSS as consumer IAM innovator, and Technical Fellow: EP3 Privacy Foundation.
Chris has more than two decades of experience as a practitioner, leader, and innovator within Governance Risk and Compliance and Integrated Risk Management in the manufacturing, technology, and logistics sectors. Prior to joining RSA, he managed a team of data scientists and application developers to build new methods, models, and architectures for managing fraud and cargo security for a global logistics organization. Chris continues to drive innovation in advanced data modeling techniques and creating actionable intelligence for managing risk. Chris is an Industrial Engineer and holds an MBA in Strategic Management. His current research lies in security architectures related to risk systems and risk data science. His work in the domain led to a patent for Methods, Systems, and Devices for Detecting and Isolating Device Posing Security Threats.
Marshall is a GRC strategist with RSA Archer, providing strategic input to the development of risk-related solutions and advising customers on best practices relating to Operational, Third Party, and Enterprise Risk Management. Prior to joining RSA, Marshall served as SVP/Director of Enterprise Risk Management for a diversified financial services company based out of Kansas City, MO. In that capacity, Marshall was responsible for the company’s enterprise risk management activities, including its ERM practices and technology solutions, information security, insurance risk transfer, loss management, third party risk management, Sarbanes-Oxley controls management and 302 certification process. Marshall has previously held positions in the financial services industry, including as Operational Risk Manager, Chief Audit Executive, IT Audit Director, and Assistant Controller. Marshall holds an M.A. in Economics from the University of Missouri, B.A.s in Economics & Political Science from Baker University, and has received certifications as a CIA, CISA, and CBA (non-practicing).