More than 99 percent of U.S. employer firms are in the small and midsize (SMB) space, and they’re getting crushed by countless regulations and standards. There must be a better way to manage the seemingly endless train of auditors and fire drills. Even more importantly, do any of these regulations reduce business risk and help improve business resilience? Just whose risk is really being managed? This presentation will discuss cost effective steps to regain control while simultaneously meeting regulatory obligations and achieving a legally defensible risk posture that helps ensure business survivability.
- Understand the problem-space affecting SMBs
- Understand the real risk owners behind regulations
- Understand how to build and manage your own risk profile
- Learn how to be better organized to balance needs and requirements, and how to scale risk management practices
About Ben Tomhave

Ben Tomhave, MS, CISSP, helps global enterprises, SMBs and service partners unlock the real promise of integrated governance, risk and compliance in his current role as Principal Consultant for LockPath, a market-changing GRC software company. A distinguished author and experienced speaker, he currently serves on the board of the Society of Information Risk Analysts board and as co-chair of the ABA InfoSec Committee. He is also a member of ISSA and the IEEE Computer Society, and earned a MS in Engineering Management from The George Washington University with an InfoSec Management concentration.