- This event has passed.
May 8, 2018 @ 1:45 PM - 4:00 PMFree
Quantitative Cyber Risk Management
Fear, uncertainty, and doubt (FUD): these at times have been the primary tools in the cybersecurity practitioner’s toolbox to acquire funding for security initiatives and gain the buy-in of business stakeholders.
There is another way!
Quantitative cyber risk management has been growing in popularity since the Great Recession where there was perceived to be a systemic failure of enterprise risk management (ERM). This new risk-consciousness amongst executives and boards of directors has led to additional focus on cyber risks and how organizations should manage those risks. Quantitative cyber risk management provides a way to drive objectivity through measurement and it a great alternative to the classic FUD approach.
This presentation will cover elements of some quantitative approaches from “Measuring a Managing Information Risk: A FAIR Approach” by Jack Jones and Jack Freund, and Doug Hubbard’s “How to Measure Anything in Cybersecurity Risk.”
Charles Warnky has been working in cyber security for 18 years as an engineer, architect, and more recently in strategy and leadership. He is currently trying really hard to establish a quantitative cyber risk management program at a financial services company.
So You’ve Had a Breach. Now What?
What are your obligations and responsibilities when it comes to breach disclosure? How can you best protect yourself from litigation? Learn from an experienced cybersecurity attorney on what to do and not to do.
Jeremy Rucker is an attorney practicing in the Dallas office of Scheef & Stone, L.L.P.’s. He has experience in a variety of privacy and cybersecurity issues and complex commercial transactions. His practice extends to advising clients on issues such as data and information security and compliance, data breach response, and data privacy. In his cybersecurity and data breach practice, he works to protect companies both before and after a data breach event by assisting in the development of data security procedures, assisting in incident response plans, and in staying abreast of the applicable, rapidly-changing federal and state laws.
Please RSVP below. You do not have to be a member to attend. All are welcome.