Skip to main content

Distinguished Seminar:  Don’t Be Tomorrow’s Boiled Frog - Cyber Risk Appetite for Executives

Date:January 25, 2016 
Talk Title:Don’t Be Tomorrow’s Boiled Frog - Cyber Risk Appetite for Executives
Speaker:Earl Crane, Founder and CEO, Emergent Network Defense, Inc.
Time & Location:12:00pm - 1:00pm
DEC, CIC Building, Pittsburgh

Abstract

The past few years have seen a focus on cybersecurity risk management by executive leadership that increasingly have a fiduciary requirement to establish a risk appetite and manage their cybersecurity risk profile. High-profile retail breaches like Target demonstrated the inherent risks of third party connections. Destructive corporate breaches like those at Sony, Sands Casino, and Saudi Aramco demonstrated the initiative of nation-states to attack private corporations for political reasons. The root cause of every one of these breaches can be attributed not to technical failures, but to a failure in governance—a shortcoming to manage cybersecurity risks. Cybersecurity risk appetite is quickly becoming an integrated function to an organizations holistic enterprise risk management program. Organizations frequently have many of the right technical tools deployed to manage cybersecurity risk, but are not instrumented and deployed in the most effective way. This talk will provide real-world insights to instrumenting cybersecurity risk appetite as a risk management tool.

Speaker Bio

Dr. Earl Crane is the Founder and the Chief Executive Officer of Emergent Network Defense, Inc. (END). Dr. Crane has advised the President of the United States as the Director for Federal Cybersecurity Policy on the White House National Security Council, Wall Street executives and multiple Fortune 100 corporations on their cyber defensive strategies. Dr. Crane led the implementation of the Department of Homeland Security’s information security strategy, and has taught hundreds of cybersecurity masters students and executives through Carnegie Mellon’s Heinz College and CISO Certificate program. He earned his Ph.D. from George Washington University, a Masters of Information System Management at Carnegie Mellon University and a B.S. in mechanical engineering at Carnegie Mellon University. He is helping organizations engage in cybersecurity discussions with impact to their real-world challenges and enable executives to reduce their corporate cybersecurity risk.