Board Room Decisions: How to Use Threat-Informed Industrial Risk Management-Jason Christopher
Over the past couple of years, cyber risk management has embraced the notion that industrial organizations need to know the impacts of a cyber security incident. How bad is your worst bad day? This can be measured in production outage minutes, health and safety impacts, environmental damages—even in dollars and cents. While this is absolutely one of the best ways to start your organization’s discussions for risk management, it will, over time, not be enough.
Every day you do not suffer from your “worst day,” begs the question “how often will this worst day occur?” Which is quickly followed by, “are we investing in our security program smartly?” Following up from previous SANS ICS Summit talks on industrial risk management, this presentation will explore how to improve your qualified risk assessments with actionable information from threat intelligence to answer executive and board room questions around feasibility for risk-based attack scenarios.
Jason D. Christopher (Certified SANS Instructor and co-author for ICS418: ICS Security Essentials for Managers, and Director of Cyber Risk for Dragos Inc.) will outline practical solutions for measuring threat capabilities mapped to potential industrial attacks that can be built into a sustainable risk management process. Using real-world use cases from actual asset owners, learn how to mature your industrial organization’s risk metrics to both increase security budgets and influence the overall culture to prevent, detect, and respond to cyber threats.
View upcoming Summits: http://www.sans.org/u/DuS
Download the presentation slides (SANS account required) at https://www.sans.org/u/1iaE
Видео Board Room Decisions: How to Use Threat-Informed Industrial Risk Management-Jason Christopher канала SANS Institute
Every day you do not suffer from your “worst day,” begs the question “how often will this worst day occur?” Which is quickly followed by, “are we investing in our security program smartly?” Following up from previous SANS ICS Summit talks on industrial risk management, this presentation will explore how to improve your qualified risk assessments with actionable information from threat intelligence to answer executive and board room questions around feasibility for risk-based attack scenarios.
Jason D. Christopher (Certified SANS Instructor and co-author for ICS418: ICS Security Essentials for Managers, and Director of Cyber Risk for Dragos Inc.) will outline practical solutions for measuring threat capabilities mapped to potential industrial attacks that can be built into a sustainable risk management process. Using real-world use cases from actual asset owners, learn how to mature your industrial organization’s risk metrics to both increase security budgets and influence the overall culture to prevent, detect, and respond to cyber threats.
View upcoming Summits: http://www.sans.org/u/DuS
Download the presentation slides (SANS account required) at https://www.sans.org/u/1iaE
Видео Board Room Decisions: How to Use Threat-Informed Industrial Risk Management-Jason Christopher канала SANS Institute
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
SANS HM Gov Cyber Retraining AcademyTake SEC301 Introduction to Cyber Security at your own paceSANS Training: What's In It For YouVulnerability Management: Is the Program Effective: Part 3 of 3Panel | Mastercard Trust CenterVisions, Priorities and Strategy - Oh My!Top 10 Writing Mistakes in Cybersecurity and How You Can Avoid ThemIt's easy to get approval to take a SANS coursePanel | Self-Management Strategies for Avoiding Burnout, Staying Healthy, and Getting Stuff DoneThe SANS Healthcare Forum 2022: RansomwareSANS Expert Line Up Live from RSAC Conference | April 26, 2023CVE-2022-26809 MS-RPC Vulnerability Analysis - SANS InstituteMeet SANS Fellow: David HoelzerDeveloping CISO Leadership Skills with Frank Kim | ChatGPT for OSINT with Matt Edmondson | April 18Live with Jake Williams | RSA Conference 2022Exploring the Evolution of Cybersecurity Certifications, with Megan Roddie | May 23, 2023Live with Jess Garcia | RSA Conference 2022Live with Chris Cochran | RSA Conference 2022Keynote | Creating a culture of cyber readiness for small businessesICS Fireside Chat- Defining Security Functions to Gain Visibility from PLCs