How Cyber (measured in dollars) Earns a Spot on the Risk Register

save
Share and earn Cybytes
Facebook Twitter LinkedIn Email

by Jerry Caponera is the VP Cyber Risk Strategy at Nehemiah Security

Free CPE/Webinar

Date : May 17th, 2018 1:00 pm EST

For registration click https://www.brighttalk.com/webcast/14987/315231

Cyber has yet to be fully integrated into the suite of business functions and monitored risks within most organizations. GRC is the mechanism to align cyber and the business, but it’s current state is not sufficient. Governance hierarchy is ineffective (CISOs reporting to the CIO or COO), Risk leveraging ambiguous risk measurements, and Compliance mistaken as security. Moving forward, Governance must be redefined, making CISOs business leaders, reporting to the Board. Risk should leverage traceable data to measure in a common business language. Compliance should be the baseline for security initiatives, not the end goal. When these initiatives can be achieved, GRC will transform cyber into a business enabler.

Jerry Caponera is the VP Cyber Risk Strategy at Nehemiah Security where he leads the effort to quantify cyber risk in financial terms. Prior to Nehemiah he founded PivotPoint Risk Analytics which focused on cyber risk quantification through value-at-risk modeling and simulations. Jerry has a broad background in cyber, having worked for incident response, malware analysis, and services companies. He has spoken at a number of conferences worldwide including ISS World MEA in Dubai, InfoSecurity Russia in Moscow, and TM World Forum in Nice, France. He holds an MBA from the University of Massachusetts, an MS in Computer Science from the University of Pennsylvania, and a BS in Electrical Engineering from the University of Buffalo.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
Follow
47 Followers
About ITPG Secure Compliance
Founded in 1999, ITPG Secure Compliance is dedicated to preventing information security breaches that put organizations at risk of noncompliance. Based in Vienna, VA, our subject matter experts are sought-after authorities on PCI DSS, HIPAA Security and Privacy Rule, FERPA and other industry security requirements. Our IT security consultants and virtual CISOs have decades of experience assessing security risks and vulnerabilities, recommending mitigation strategies and mapping remediation plans to strengthen enterprise security posture. We work with corporate, association, and state agency clients that span multiple industries and for multiple resellers. Visit our web site www.itpgsecure.com

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel