Markus Kaufmann came to the toy and collectible maker Funko as CISO last year after 15 years in infosec at banks and insurance companies. “I come from an ISO background,” he says, “ISO 9000, ISO 27000, where it’s let’s repeat the process, let’s improve it every year.”
Now, he’s bringing that discipline to a FAIR program at a much smaller company: “(FAIR) is a great process, let’s cycle through it year after year and improve the insights we are getting. We got some great results this year that allowed us to more precisely quantify the risk scenarios that we were looking at.”
Markus will share his experience building continuous improvement into risk management with FAIR at the upcoming FAIR Conference in a Case Study session, joined by his FAIR program consultant, Tom Callaghan. FAIRCON is September 27-28, in-person in Washington, DC, and live online. Register for FAIRCON22.
Case Study: Embedding CRQ in the Infosec Governance Process of a Fast-Growing Pop Culture Retail Organization
Tuesday, September 27, 3:30 - 4:15 PM
>>Markus Kaufmann, CISO, Senior Director of Information Security, Funko
>>Tom Callaghan, Co-Founder, C-Risk
Watch a short video conversation between Markus and Luke Bader, Director, Membership and Programs for the FAIR Institute in which he describes the benefits of risk quantification, as well as some tips on launching a FAIR program at your organization.