• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About
    • Secure360
    • UMSA
    • Get Involved
  • Events
    • Secure360 2021
    • Student360
    • Past Events
      • 2020 Secure360 Twin Cities
      • 2020 Student360
      • 2019 Secure360 Twin Cities
      • 2019 Student360
      • 2018 Secure360 Twin Cities
      • 2018 Secure360 Wisconsin
      • 2018 Student360
      • 2017 Secure360 Twin Cities
      • 2017 Student360
      • 2016 TC Secure360 Conference
      • 2015 Secure360 Conference
      • 2014 Secure360 Conference
      • 2013 Secure360 Conference
        • 2013 Secure360 Conference Speaker Presentations
      • 2012 Secure360 Conference
  • For Sponsors
    • Secure360 Twin Cities
    • Student360 Sponsors
  • For Speakers
    • Secure360 Speaker Details
    • Student360 Speaker Details
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

The DIY Approach to Risk Assessments

Risk Assessments are among some of the most outsourced projects in the Information Security portfolio. At the same time, majority of the 3rd party risk assessments end up collecting dust in thick binders, to be used exclusively for passing audits. This presentation will outline how any organization can perform its own risk assessment, without the ambiguity and complexity that often keeps managers from undertaking these projects. In fact, the DIY approach will ensure the risk assessment is not only a way to satisfy audit requirements, but can also be used to answer one of the most difficult questions in the industry: “How much security do you really need?”

Attendees will receive practical and actionable advice that can be put into practice immediately, with tools that range from Open Source software through moderately priced assessment automation suites. The presentation will focus on breaking down the risk assessment to its essentials, with specific guidance for completing each phase of the process. Risk assessments don’t have to be ambiguous, and can be something that helps companies make decisions that result in better security and resilience to a security incident.

Key learning points:
  • Third-Party Risk Assessment Rarely Work
  • Risk Assessments are more effective when done in-house
  • Many free or inexpensive tools will help facilitate the process

About Yan Kravchenko

Yan Kravchenko is passionate about finding ways for organizations to balance their business objectives with the ever-growing cybersecurity and regulatory challenges. Today, Kravchenko is focused on one of the latest frontiers in the field of security: application security. In this role, he is creating innovative tools and services for complex enterprises to understand their application security risks and optimize their security investments. In dealing with the ever-changing cybersecurity threat landscape, he brings the ability to interpret and apply technical, legal and business information to enable his clients to make informed decisions.

Over the past 20+ years, Kravchenko has worked through many IT and security evolutionary trends, learning different ways to evaluate, understand and remediate cybersecurity risks.

Primary Sidebar

Details

Tuesday May 17, 2016
4:15 PM - 5:15 PM
Room 7 & 8
Level: Intermediate
Focus: GRC (Governance, Risk & Compliance), Cybersecurity

Share this page

Share on Facebook
Facebook
Tweet about this on Twitter
Twitter
Share on LinkedIn
Linkedin
Buffer this page
Buffer
Email this to someone
email

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2021 Secure360. All rights reserved.