Articulating Risk to Senior Management #Infosec15 Keynote

Articulating Risk to Senior Management #Infosec15 Keynote

Articulating Risk to Senior Management: Infosecurity Europe 2015, Keynote Stage

Buy-in from senior management is repeatedly cited as a key driver of effective information risk management. Cyber security is certainly high-up on most board agendas following high-profile breaches and pressure from governments and regulatory bodies, however increasing board awareness doesn’t always translate into effective information security decision-making or support. Information security practitioners continue to state that articulating risk to senior management remains a big challenge.  This is often aggravated by the fact that when investment is secured, it is often difficult to demonstrate the return on that investment.

As enterprises become more connected, attackers become more sophisticated, and the likelihood of a breach increases, it has never been more important for information security practitioners to be able to translate risk into the language of the business. During this panel, the speakers shared best practice advice on how to articulate risk and depict the business value of information security, so that senior management understand the decisions they are being asked to make.

  • Understanding the key priorities of senior management and how this should inform communication strategy
  • Identifying appropriate risk metrics and KPIs  to communicate effectively to senior management
  • Discovering how to communicate information security performance to demonstrate ROI
  • Gaining practical advice on how to build a case for investment in security and incident response
  • Determining how to manage senior management involvement in information security

To see the full discussion, check out the Keynote video below:


Business Issues Covered

Deliver security to drive and enable clear business growth. Demonstrate clear thought leadership to ensure security is high on the corporate agenda and capex justified. Ensure information security projects demonstrate return on investment. Build cyber resilience within your organisation.

View the Presentation Slides

David Cass – Senior Vice President & CISO, Elsevier
Mike Pitman – CISO, Head of Information Security, John Lewis
James McKinlay – Head of Information Security, Worldline
Thom Langford, CISO, Publicis Groupe

Peter Wood, Security Advisory Group, ISACA London Chapter

Joy-Fleur Brettschneider leads Infosecurity Europe’s marketing team and is keen to ensure everyone involved with the show leaves satisfied. Joy advises how to get more stand traffic, maximise ROI, become an authority in your niche — everything you need to get the attention you deserve. A marketing professional with a slight obsession for attention to detail, Joy loves social media and technology . Strangely, she prefers business strategy books to novels.

Leave a Comment

Your email address will not be published. Required fields are marked *