Register now to see Omar in these sessions in-person or online at the 2022 FAIR Conference:
Panel: Driving Culture Change - From a Compliance to a Risk-based Approach to Cybersecurity
Tuesday, September 27, 10:00 AM - 10:45 AM
>>Omar Khawaja, CISO, Highmark Health
>>Mark Tomallo, SVP, CISO, Victoria’s Secret
>>Mary Elizabeth Faulkner, CISO, Thrivent Financial
>>Jeff Norem, Deputy CISO, Freddie Mac
Presentation: Justifying the Value of Cybersecurity to the Business with Highmark Health and the BOSITE Framework
Tuesday, September 28, 11:15 AM - 12:00 PM
>>Omar Khawaja, CISO, Highmark Health
Check out the videos of Omar’s past appearances at FAIR Conferences for a preview of one of the best speakers in the FAIR movement:
FAIRCON18 Video: A Master Class on Reporting Cyber Risk to the Board
Key points from Omar:
FAIRCON19 Video: CISO Panel: Defining the Goals of an Effective Risk Management Program
“The thing that was missing for us, was each area where we had a set of controls was doing phenomenally well but when you added it all together and called it a single security program, it lacked significant cohesiveness. We realized the first thing that a culture needs is a common language and that’s the reason we started to look at FAIR.”
Omar covered:
Omar leads the C-level panel at FAIRCON21 with (clockwise): Mary Elizabeth Faulkner - Thrivent, Betty Elliott - Freddie Mac, Harold Marcenaro - BCP
“Being able to stretch without breaking,” was imperative during the COVID crisis, said Omar. His motto: “Relentless incrementalism is our ultimate weapon.” He recommended that CISOs put their staffs through a resilience assessment (CISA offers one) so that they train to be “responding not reacting' to crises.”
Learn more in this FAIR Institute Meet-a-Member interview with Omar:
“We looked at different ways we could be more explicit about a risk-based culture, and we landed on FAIR. We thought it was the right mix of technical rigor but not so technical we would need to send people to engineering school to even implement it.”