For ground-level, hands-on, advice on starting a FAIR™ quantitative risk management program, the Use Case Panorama session at the recent 2019 FAIR Conference was the place to be.
On the panel:Alex Rogozhin, VP of InfoSec Data Intelligence at BB&T
Laura Voicu, Senior Security Architect at Swisscom
Luke Domet, Center of Excellence Lead - Technology Risk Assessments at Fidelity Investments
India Sutton, Global Cyber Risk Management Specialist at Daimler Mobility AG
With Chris Patteson, Executive Director of the Risk Transformation Office at RSA, moderating.
In this video, you’ll learn:
How Laura’s team at Swisscom developed a one-page analysis summary for senior management that, yes, still included red-yellow-green ratings (but based on a quantified approach to risk appetite).
How Alex at BB&T planned an escalating series of introductions of quantification to limit failure, with support from the RiskLens professional services team. Senior management was greatly impressed that analysis sometimes pointed away from buying more controls and toward more cost-effective steps such as increased insurance.
How Luke at Fidelity developed one of the most advanced FAIR programs around – to analyze risk on thousands of applications, his team created standardized, FAIR-based risk scenarios then ran them through a rules engine for rapid, automated triage, showing the team how to prioritize further risk analysis.
How India lined up her FAIR program at Daimler Mobility with an ongoing, worldwide digital transformation project. “As you’re developing objectives or seeking support for cyber risk quantification, align with the corporate strategy or an existing enterprise objective,” was her takeaway.
Watch the complete video of Use Case Panorama - How Quantification Enables Risk-Aligned Decision Making. Slides are attached. Note: FAIR Institute membership and LINK community site membership required.
Join the FAIR Institute now (it's free) – 7,000 of your peers are learning and networking online with LINK, at local chapter meetings and at the annual FAIR Conferences.