IT security is in a perpetual struggle for resources, attention, and comprehension. As security practitioners, it is not enough for us to implement security controls or write policies, we must communicate the complexities of IT security to executives who are not IT security experts. The answer is to “repackage” security and risk data into business risk intelligence (BRI). BRI is not a traditional risk assessment report or security dashboard. It is a strategy for communicating complex risk and security concepts to executive leadership in a manner that they can understand and use to make decisions.
In this presentation, we will discuss strategies for improving how to communicate risk to executive leadership in a more effective manner.
** Can’t make the session at this time? Andrew will present it for the first time on Tuesday @ 9:45am
- How current risk management techniques fail to communicate
- Strategies for explaining risk to leadership
- Making risk assessments a tool for executive decision-making
About Andrew Plato
In 1995 while working at Microsoft, Andrew Plato executed the first known instance of a SQL Injection attack against an early e-commerce site. When he demonstrated this attack to the developers, they dismissed the issue as irrelevant. Intrigued, Plato left Microsoft to found Anitian, an information security intelligence firm. Today, Anitian is one of the most trusted names in security intelligence with clients worldwide. Anitian has a mission to Build Great Security. For the past 20 years, Plato and Anitian have consistently executed on this mission with innovative, pragmatic answers to the most vexing security, compliance, and risk challenges. Plato’s career encompasses nearly every dimension of information security. He has participated in thousands of security projects, written hundreds of articles, and advised hundreds of C-level executives. Being both a business owner and a security practitioner allows Plato to bring a unique perspective to any discussion regarding security, technology, and governance. Plato is well-known for delivering entertaining presentations that challenge conventional thinking and deliver practical answers to complex IT security challenges.