Understanding, managing and responding to risk is one of the core functions of any information security program. However, for many organizations risk assessment is cumbersome and time consuming process. IT leaders, as well as security regulations, are demanding risk management practices that can deliver quick and actionable results.
Rapid Risk Assessment is a new approach to risk management that dramatically reduces the time, effort, and complexity for IT security risk assessment. Using the existing principles of risk management defined in NIST 800-30 documents, Rapid Risk Assessment can deliver more actionable and reliable results empowering business leaders to make sound decisions about risk. The key to this approach is a unique combination of skills, organization, and documentation that accelerates every aspect of the risk management process.
In this presentation, IT Security veteran Andrew Plato will describe how current risk management practices are broken and how Rapid Risk Assessment fixes these problems. The presentation will also provide examples of how to define threats, compute probability, and use security assessment data to reinforce risk concepts.
- How current risk assessment methods are flawed
- The importance of business risk intelligence to leadership
- How to conduct a rapid risk assessment
- Learn about the benefits of actionable risk data. This is NOT a sales pitch at all. it is very educational, rapid risk assessment is a growing trend that revolutionizes how companies obtain and manage risk data
About Andrew Plato
In 1995 while working at Microsoft, Andrew Plato executed the first known instance of a SQL Injection attack against an early e-commerce site. When he demonstrated this attack to the developers, they dismissed the issue as irrelevant. Intrigued, Plato left Microsoft to found Anitian, an information security intelligence firm. Today, Anitian is one of the most trusted names in security intelligence with clients worldwide. Anitian has a mission to Build Great Security. For the past 20 years, Plato and Anitian have consistently executed on this mission with innovative, pragmatic answers to the most vexing security, compliance, and risk challenges. Plato’s career encompasses nearly every dimension of information security. He has participated in thousands of security projects, written hundreds of articles, and advised hundreds of C-level executives. Being both a business owner and a security practitioner allows Plato to bring a unique perspective to any discussion regarding security, technology, and governance. Plato is well-known for delivering entertaining presentations that challenge conventional thinking and deliver practical answers to complex IT security challenges.
