Ensuring Risk Assessments Have Business Value

Date: May 23, 2018

Recorded May 23, 2018 at 1:00 PM EST

There is continuing pressure to keep our information secure and breach-free. At the same time, management often doesn’t see the need of increasing budget if there isn’t an incident occurring or a compliance need.

So how does someone in the trenches measure, monitor, and communicate this to ensure that you get the buy-in needed – or at least get the acceptance from management on the risk. It’s something that everyone in a security leadership position struggles with.

None of the Top 10 skills a CISO needs include technological know-how!

According to a study released by University of Kansas researchers, communication, political skills, and risk assessment and management all made the top 10 most important skills CISO said they needed. Through this talk, we will be discussing some of the key points in implementing, managing, and creating risk oversight to communicate both internally to the security team and externally with the company.

Are you getting 10% of your IT budget for Security?

Top organizations are typically spending up to 10% of their overall IT budget on security. A properly implemented risk assessment program illuminates the justification for spending based on what the business deems appropriate levels of risk acceptance.

Find out how the right business risk assessment can help!

According to Gartner, the number of larger enterprises reporting to their board of directors on cybersecurity and technology risk at least once a year will rise from 40% in 2016 to 100% by 2020!

One thing is certain: Security problems are emphatically business problems. Risk assessments are the bridge to tackling the business alignment needed in today’s environment.