• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Student360
  • About
    • Secure360
    • UMSA
  • Secure360 2022
  • For Sponsors
  • For Speakers
  • Get Involved
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

The DIY Approach to Risk Assessments

Risk Assessments are among some of the most outsourced projects in the Information Security portfolio. At the same time, majority of the 3rd party risk assessments end up collecting dust in thick binders, to be used exclusively for passing audits. This presentation will outline how any organization can perform its own risk assessment, without the ambiguity and complexity that often keeps managers from undertaking these projects. In fact, the DIY approach will ensure the risk assessment is not only a way to satisfy audit requirements, but can also be used to answer one of the most difficult questions in the industry: “How much security do you really need?”

Attendees will receive practical and actionable advice that can be put into practice immediately, with tools that range from Open Source software through moderately priced assessment automation suites. The presentation will focus on breaking down the risk assessment to its essentials, with specific guidance for completing each phase of the process. Risk assessments don’t have to be ambiguous, and can be something that helps companies make decisions that result in better security and resilience to a security incident.

Key learning points:
  • Third-Party Risk Assessment Rarely Work
  • Risk Assessments are more effective when done in-house
  • Many free or inexpensive tools will help facilitate the process

About Yan Kravchenko

Yan Kravchenko is passionate about finding ways for organizations to balance their business objectives with the ever-growing cybersecurity and regulatory challenges. Today, Kravchenko is focused on one of the latest frontiers in the field of security: application security. In this role, he is creating innovative tools and services for complex enterprises to understand their application security risks and optimize their security investments. In dealing with the ever-changing cybersecurity threat landscape, he brings the ability to interpret and apply technical, legal and business information to enable his clients to make informed decisions.

Over the past 20+ years, Kravchenko has worked through many IT and security evolutionary trends, learning different ways to evaluate, understand and remediate cybersecurity risks.

Primary Sidebar

Details

Tuesday May 17, 2016
4:15 PM - 5:15 PM
Room 7 & 8
Level: Intermediate
Focus: GRC (Governance, Risk & Compliance), Cybersecurity

Share this page

Share on Facebook
Facebook
Tweet about this on Twitter
Twitter
Share on LinkedIn
Linkedin
Buffer this page
Buffer
Email this to someone
email

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2022 Secure360. All rights reserved.