English: The Risk Management Process for IT Systems according to ENISA, following ISO 27005 (Photo credit: Wikipedia)
Workshop on Cyber Risk Management, including
The Impact of the Recent SEC Advisory on Material Cyber Risk
Announcing a workshop in NY focused on discussing the
Cyber Risk Management Best Practices of Financial Services – Brought to you by:
Internet Security Alliance, Aerospace Industries Association, National Association of Manufacturers,
Union of Concerned Cybersecurity Leaders, & the Financial Services Information Sharing and Analysis Center
Abstract: It is well known that corporate assets and systems are increasingly being subjected to cyber attacks based on a multitude of motives, ranging from profit, competitive advantage, revenge, punishment, and even conflict advantage.
Current perimeter defense approaches are increasingly ineffective against these advanced threats, yielding little real risk reduction. Under this emerging reality, we invite you to learn how leading organizations in the financial services industry manage cyber risks today, and the factors that leaders in critical industry sectors, who have experience with these advanced threats, are considering in assessing cyber risk.
All organizations are facing limited resources and competition for those resources is tough. Enterprises must make
resource allocation decisions as to how to spend its risk management dollars while considering other business risks and do so in a way that demonstrates that every dollar yields the greatest risk reduction.
The workshop will bring together key senior executive stakeholders to provide practical insights and discuss how their organization is currently analyzing and managing its perceived cyber risks, including potential answers to the following questions: How is cyber risk defined within its corporation? How does cyber fit in within its analysis of physical risk? Who in the organization is involved in these risk assessments? How does economics play into this assessment? Has the SEC advisory on the materiality of cyber risk effected the process if at all and why?
Hosts Non-Profit Organizations:
• Internet Security Alliance (ISA)
• Financial Services Information Sharing and Analysis Center (FS ISAC)
• National Association of Manufacturers (NAM)
• Aerospace Industries Association (AIA)
• Union of Concerned Cybersecurity Leaders (UCCL)
Cyber Risk Management Best Practices
• Workshop 3: Financial Services Industry:
o Date: Last Week in November 2012 (TBC)
o Location: New York City, Chartis Insurance, 180 Maiden Lane, 30
Floor, New York, NY 10038 (TBC)
o Focus: Financial Services industry best practices
o Host: ISA, FS-ISAC, and Chartis Insurance
o Case Study Companies: TBC
o Lunch Speaker: TBC
Audience: by invitation only – approximately 20-35 guests
The intended audience will include Chief Information Security Officers, Chief Financial Officers, Chief Risk Officers,
General Counsels and other management level stakeholders from Finance, Risk, IT, or legal. A confirmed RSVP is
required. All participants must RSVP to email@example.com.