I’ll see you in New York on the 20th of March.
I’ll be speaking Wednesday morning (April 18th) in the Security Strategy Track as an Advanced Topic.
Here is the abstract:
This session will review the Cyber Risk Framework implemented by TIAA that scales from the granular level up to business-level aggregate risk reporting, avoiding some typical pitfalls by avoiding being too narrow or broad. Included in this session are discussions about policy, standards, configuration baselines, quantification, ORM/ERM risk reporting, and project lifecycle engagement.
FAIR plays a big part in our framework, so you can be sure to have your questions answered about how to implement FAIR in your organization.
My fall conference calendar keeps filling up!
I’ll be a panelist at SIRAcon this year alongside Jim Hietala from the OpenGroup and a couple surprise guests on Thursday 13 Oct at 9:00 AM.
We will be speaking on the Risk Analyst Profession: Training and Certification Requirements.
I will be speaking this Wednesday, 5 Oct at the 2016 UNCC Cyber Security Summit. The last time I spoke there was 2013.
I will be talking about how to integrate Threat Intelligence into your Risk Management processes (aka Risk Intelligence).
I’m pleased to announce that I have been asked to present at the Cyber Risk North America conference on 15-16 March in NY. Its offered in conjunction with OpRisk North America where I presented last year.
I will be presenting on the theme of assessing quality using Risk Forecast Accuracy (a topic that was the subject of our article in the February ISSA Journal). Come for a great session on the practical approach of creating and measuring the accuracy of the rating tables for your organization. I’m scheduled to speak on the second day at the 11:40AM session.
It’s a busy week for me. In addition to the webinar this Friday, next Monday (23 March) I’ll be holding a workshop at 11:00 AM in the Data Quality track of the OpRisk North America conference. I’ll be talking about financial metrics, risk appetite, volatility trends, and scenario analysis. You can’t have quality data without quantification, so that will be a big part of my presentation.