As Matt Kruse, Senior Director - Risk, Information Security and Compliance (RISC) at FIS Global, the financial services technology company, tells the story, he went in to brief the board’s risk committee on the cybersecurity posture with the usual 50-page handbook of technical, compliance-centric metrics, only to be told by the board committee (newly re-constituted after a merger) that his metrics didn’t answer their top-of-mind questions, such as:
- How do we understand the total amount of risk we face as a newly merged company?
- How can we tell what’s more important among our risks?
- How can we see risk reduction?
- Can you show us risk in a consistent framework we will see at every meeting?
That was an “a-ha” moment, Matt says, and set him on a journey that led him to FAIR, with the assistance of consultancy Protiviti, and a revamped risk program ready to report at the next quarterly board meeting.
Hear and learn from the story as Matt and Vince Dasta, Director – Cyber Risk Quantification, Protiviti, present the session “Case Study - Reporting Cyber Risk to the Board: Real Life Examples”, at the virtual 2020 FAIR Conference, Oct. 6, 2:00-2:30 PM.
REGISTER FOR FAIRCON2020 (it’s free to FAIR Institute members)
In this session, Matt and Vince will describe and show examples of how they
- Created a simple statement of goals for board reporting
- Changed the risk team’s mentality from “implicit risk management” to “explicit risk management” with some immediate savings
- Analyzed a set of risk scenarios as a proof of value for the board
- Created a FAIR-based metrics report that satisfied the board members.
“Case Study - Reporting Cyber Risk to the Board: Real Life Examples”, at the virtual 2020 FAIR Conference, Oct. 6, 2:00-2:00 PM.
The 2020 FAIR Conference (FAIRCON2020), the premiere global risk management conference, will be held digitally on October 6 & 7 (Tues. and Wed.). FAIRCON2020 will provide ground-breaking keynote addresses, engaging C-suite panels, and expert case study sessions through a cutting edge virtual event platform. See the agenda. REGISTER NOW!