Risk Management & Governance

Managing risk in an ever-evolving threat landscape presents myriad challenges that become even more complicated when considering a hybrid workforce, SaaS, geopolitics, and the economy. Join us for this half day virtual seminar in which we’ll hear from a panel of CISOs who will discuss the top issues impacting their risk decisions. The panel will be followed by three sessions that will explore additional aspects of risk management and governance.

The first and last sessions will be followed by a 20-25 minute Q&A.

December 8, 2022 | 12:00 AM ET in Virtual Seminars
Seminar Sessions

Session 1: Panel: CISO Fireside Chat: Top Issues Impacting Risk Decisions

Whether it’s employees returning to the office, SaaS, or the current state of global affairs, everything from where employees work to the geo-political environment impacts risk decisions. Hear from this panel of CISOs who will reveal the influences that have changed their security models, how they dealt with threat landscape changes and staffing issues, and how they were able to manage their risk.

Moderator: Jerich Beason

Panelists: Arthur Deane, Elliott Franklin, Glauco Sampaio, Patti Titus

Session 2: Cyber Risk Framing: The Foundation for Cyber Risk Management and Reporting

Strategic, business process, and operational levels of the business must be aligned on risk priorities and management practices to enable effective governance. Risk framing provides foundational elements for the cyber risk strategy including assumptions, constraints, risk tolerance, priorities and trade-offs. These elements also enable a consistent and defendable approach to risk assessment, risk response and risk monitoring. There is an ever-increasing need to effectively communicate cyber risk of the organization—consider the SEC proposed rules on cybersecurity risk management, strategy, governance and incident disclosure by public companies. To meet current and future requirements effectively we need to start at the beginning with cyber risk framing.

Presenter: Jamie Sanderson Reid

Session 3: Compliance as a Culture: Associating Assurance with Organizational Values

Historically, technology and cyber compliance has been approached as a bottom-up problem space, resulting in duplicative, piecemeal engagements that mistake effort for value. What if compliance was instead a natural outcome of a cultural shift which aligned assurance with organizational vision and values? Join me in a thought experiment which examines successful use cases and identifies how we can move the needle within our corporate cultures.

Presenter: Christie Gross

Session 4: Bon Appetit: Establishing an Effective Cyber Risk Appetite

A defined cyber risk appetite is foundational to the success of any firm's information security program. Yet guidance on what makes a cyber risk appetite effective is arguably lacking, especially standards for establishing risk appetite compliance thresholds as well as KPIs, KRIs, and KCIs. This talk will share current and forthcoming guidance and practices for cyber risk appetite development.

Presenter: Matthew Tolbert

AuditBoard is the leading cloud-based platform transforming audit, risk, ESG, and compliance management. More than 35% of the Fortune 500 leverage AuditBoard to move their businesses forward with greater clarity and agility.

Zscaler accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location.

Panel Speakers

CISO, Capital One Commercial Bank

Divisional CISO, Capital One

Director of IT Security and Network Operations (CISO), ServiceMaster Brands

CISO, Cielo

Chief Information Security Officer, Booking Holdings, Inc.

Session Speakers

Expert Cyber Risk Management Engineer, Delta Dental of California

Director, Cyber Governance Risk and Compliance (GRC), The AES Corporation

Senior Risk Specialist, Cybersecurity & Operational Risk, Federal Reserve Bank of Cleveland