Speakers: Mike Jerbic and Bob Mark
The updated Open FAIR standards were published in November of 2020, expanding and clarifying how cyber risk can be quantified in economic terms. But how can these standards help solve compelling business problems? For example, to meet management and regulatory requirements, banks must calculate economic and regulatory capital for their cyber risk. Bank management and regulators require banks to reserve capital for operational risks, including cyber risk. Dr. Bob Mark and Mike Jerbic will present their forthcoming Open Group white paper “Calculating Capital Reserves for Cyber Risk” and show how Open FAIR can be used to assist in calculating capital reserve requirements and how cyber risk affects business decision making. Bob and Mike will show that when cyber risk is expressed in economic terms, the CISO through risk adjusted rate of return on capital calculations can demonstrate the business value of information security programs to a financial institution’s management and board of directors.