RSA 2020, NIST CSF, and Dark Reading

First off, I’m very pleased to announce that I will be presenting again next year at the RSA Conference. My session is called “Maturing Cyber-Risk Management Practices: Framework and Next Steps” (EZCL-R01). This will be done as a Collaborative Learning Session (a new RSAC format). I’ll lead a discussion then turn it over to the …

Interviewed for the Cyber Canon

Back in April, when Jack Jones and I were inducted into the Cyber Security Canon we had the pleasure of being interviewed by Rick Howard, CSO of Palo Alto Networks. You can view the video here or watch it below. (They published the interview video back in September and I forgot to post it here.) It was hot …

OpRisk Book Chapter on Cyber Published

I’m pleased to announce that a new book has been published that includes a chapter that I wrote on Cybersecurity and Technology Risk. I was approached by the good folks at Risk Books on contributing some original Cyber content in their new publication on Operational Risk. I chose to address the general risks in the …

RedZone Podcast about Risk Forecasting

Bill Murphy’s interview with me for his RedZone podcast was posted today. I had a great time talking with Bill about risk, FAIR, and forecasting. You can find the podcast here. It was a great discussion, and Bill was a very gracious host. His entire podcast series is worth subscribing to: he interviews some really …

Inducted into the Cybersecurity Canon

I’m very pleased to announce that the book I coauthored with Jack Jones (Measuring and Managing Information Risk: A FAIR Approach) has been inducted today into the Cybersecurity Canon at the Palo Alto Networks 2016 Ignite Conference. The Canon includes books both fiction and nonfiction that accurately depict the history, milestones, and culture of the …

Speaking at OpRisk North America 2015

It’s a busy week for me. In addition to the webinar this Friday, next Monday (23 March) I’ll be holding a workshop at 11:00 AM in the Data Quality track of the OpRisk North America conference. I’ll be talking about financial metrics, risk appetite, volatility trends, and scenario analysis. You can’t have quality data without …

The Definitive Guide to FAIR is now for sale everywhere!

The wait is over! The definitive guide to using FAIR in your daily risk work is now for sale everywhere you care to buy books (which in today’s book business means Amazon, Google, etc.). It’s available in soft cover if you want a physical book and also on eBook. There are a few reviews out there …