Speaker: William D. Reed
Abstract: The Security Practitioner's Guide to Managing Cyber Risk
Cyber Security practitioners are at the forefront of protecting organizations against threats in the digital world. Current static approaches to cyber security have proven inadequate in many cases. We must bring dynamic defense to our organizations that is more aligned with driving down the risk to organizational value. Join us for a discussion of managing risk from the perspective of security practitioners.
We need to change how we approach our work by thinking in terms of systems in the context of risk management. By understanding the system dynamics in play for both the threat landscape and systems of controls arrayed to defend our organizations, we gain a more realistic view of what is practical for mitigating risk. We need to explicitly model the factors that drive the threats and impact of attacks to the bottom line. That will enable us to see all the relevant risk factors at the strategic, tactical, and operational levels. It will allows us to put our technical concerns into the proper business context so the C-Suite can better understand their choices. Ultimately, we will improve our the efficacy of our security programs and deliver to our businesses the best return on their security investments.