Category Archives: Presentations

Featured on CISO Series – Hacking Cyber Risk Quantification

I had the pleasure of doing a live session on David Spark and Spark Media’s CISO Series with Nick Esponosa. Things got wacky but we also had a good time discussing with CRQ is and how it can help companies make better decisions. You can check out the highlights reel here and the full videoContinue reading “Featured on CISO Series – Hacking Cyber Risk Quantification”

85.7% COVID-19 Free March Update!

RSA Roundup Updates on the Monday all-day FAIR session I did with Jack Jones, Chad Weinman, and Rachel Slabotsky, as well as my Thursday session on maturing your risk management practice. RSAC 2020 Report – Big Turnout for 2 FAIR Seminars, Breakfast Advice on Starting a FAIR Program from Jack Jones and Fannie Mae, AscenaContinue reading “85.7% COVID-19 Free March Update!”

Speaking at the Cyber Future Dialogue in Davos during the World Economic Forum (WEF)

I’m very excited to announce that I will be speaking at the Cyber Future Dialogue in two weeks in Davos, Switzerland during the World Economic Forum. This is going to be an amazing opportunity to converse with distinguished leadership from around the world on the necessity of and practical means to operationalize cyber risk quantificationContinue reading “Speaking at the Cyber Future Dialogue in Davos during the World Economic Forum (WEF)”

RSA 2020, NIST CSF, and Dark Reading

First off, I’m very pleased to announce that I will be presenting again next year at the RSA Conference. My session is called “Maturing Cyber-Risk Management Practices: Framework and Next Steps” (EZCL-R01).  This will be done as a Collaborative Learning Session (a new RSAC format). I’ll lead a discussion then turn it over to theContinue reading “RSA 2020, NIST CSF, and Dark Reading”

Apex Threat Agents, More HITRUST, Quant/Qual Showdown, and Iran

Time for another roundup! Below are some works I’ve recently done on Apex Threat Agents, HITRUST, my time at the Gartner Summit, and some thoughts on Iranian attacks. How to Model Risk in an Apex Predator Cyber-World Enhancing HITRUST Risk Assessments with Cyber Risk Quantification (CRQ) Gartner 2019 Debate: Quantitative vs. Qualitative Cyber Risk AnalysisContinue reading “Apex Threat Agents, More HITRUST, Quant/Qual Showdown, and Iran”

RSAC 2019 Virtual Pen Testing Slides Available

With RSA completed over two weeks ago, and an ensuing sickness, I realized I haven’t posted about my presentation with Joel Amick. I thoroughly enjoying sharing this work with the RSA audience and had some great conversations afterwards. I think agent-based modeling (ABM) has some interesting use cases in cybersecurity and risk management. I think that inContinue reading “RSAC 2019 Virtual Pen Testing Slides Available”

Presenting on Agent Based Risk Modeling at RSA Conference Next Week

RSA Conference is next week and I’m excited to share that I will be presenting on some work a a colleague and I have done on building an Agent-Based Model (ABM) using FAIR risk data. This should be an interesting discussion, so please join me next Wednesday at 2:50PM Pacific in Moscone West 2011. IContinue reading “Presenting on Agent Based Risk Modeling at RSA Conference Next Week”

Accepted at RSA 2019 – Virtual Pen Testing

I’m very pleased to announce that I’ve been accepted to speak again at next year’s RSA Conference. I’m going to be presenting on an Agent Based Model concept using FAIR risk results jointly with my colleague Joel Amick. Joel’s team and my team worked to develop a POC of this work and we can’t waitContinue reading “Accepted at RSA 2019 – Virtual Pen Testing”