There’s No Such Thing as a Cyber-Risk

If you want your information risk program to be taken seriously by the business, you have to do more than just throw around a few business terms. You need to embrace enterprise risk techniques. See how the engagement changes when you start talking about a product delivery risk instead of a Struts vulnerability. Cyber isn’t your top risk; focusing on the wrong priorities is your top risk.

Learning Objectives:
1: Learn how to integrate into a broader enterprise risk program.
2: Understand techniques from other disciplines that can be used in your cyber-program.
3: Learn to communicate security risks in a business context.

Speaker: Evan Wheeler

Evan Wheeler is an expert in information security and operational risk management for organizations in many critical infrastructure sectors. Wheeler has extensive experience presenting business resilience and cyberthreat profiles to board committees, managing international teams, working directly with regulators and overseeing security operations. He is a specialist in building and running risk programs for organizations in highly regulated environments. He earned an MS in information assurance at Northeastern University. He also served as a course author and lecturer for graduate programs at UCLA, Clark University, Northeastern University and the SANS Institute. He published a book, Security Risk Management: Building an Information Security Risk Management Program from the Ground Up.

Detailed Presentation:

(Source: RSA Conference USA 2018)
 
 