RSA posted my presentation from this year’s conference, Implementing a Quantitative Cyber-Risk Framework: A FinSrv Case Study. You can hear me explain the organizational environment and requirements and the automated risk assessment solutions I put in place to satisfy them.
The slides are still available here.
I’m looking forward to participating on this panel discussion at the upcoming FAIR Conference. This is a topic that really speaks to me and I’m looking forward to sharing what I’ve experienced and hearing from the co-panelists about how they’ve accomplished the same.
Here’s the full agenda and if you haven’t registered yet you can do so here.
I’m pleased to announce that I will be speaking again at Cyber Risk NA this year. I’ll be on a panel discussion about Modelling Cyber Risk (full program agenda here)
I’ll see you in New York on the 20th of March.
I’m very pleased to announce that my proposal was accepted for this year’s RSA Conference! I’ll be giving an overview of the quantitative risk framework I’ve implemented at my firm, TIAA.
I’ll be speaking Wednesday morning (April 18th) in the Security Strategy Track as an Advanced Topic.
Here is the abstract:
This session will review the Cyber Risk Framework implemented by TIAA that scales from the granular level up to business-level aggregate risk reporting, avoiding some typical pitfalls by avoiding being too narrow or broad. Included in this session are discussions about policy, standards, configuration baselines, quantification, ORM/ERM risk reporting, and project lifecycle engagement.
FAIR plays a big part in our framework, so you can be sure to have your questions answered about how to implement FAIR in your organization.
My fall conference calendar keeps filling up!
I’ll be a panelist at SIRAcon this year alongside Jim Hietala from the OpenGroup and a couple surprise guests on Thursday 13 Oct at 9:00 AM.
We will be speaking on the Risk Analyst Profession: Training and Certification Requirements.
I’ve got a busy October speaking calendar this year!
I will be participating on a panel discussion at the inaugural FAIR Conference this year, as well as signing books with Jack Jones.
Should be a fun time! Be sure and stop by to say hello!
I will be speaking this Wednesday, 5 Oct at the 2016 UNCC Cyber Security Summit. The last time I spoke there was 2013.
I’m doing a hybrid joint-presentation/panel discussion with Chris Houser from Wells Fargo and the panel discussion will be moderated by Todd Innskeep from Booz Allen Hamilton.
I will be talking about how to integrate Threat Intelligence into your Risk Management processes (aka Risk Intelligence).