Bon Appetit: Establishing an Effective Cyber Risk Appetite

Posted on in Presentations

A defined cyber risk appetite is foundational to the success of any firm's information security program. Yet guidance on what makes a cyber risk appetite effective is arguably lacking, especially standards for establishing risk appetite compliance thresholds as well as KPIs, KRIs, and KCIs. This talk will share current and forthcoming guidance and practices for cyber risk appetite development.

Matt Tolbert


Senior Risk Specialist, Cybersecurity & Operational Risk, Federal Reserve Bank of Cleveland

Share With Your Community