Don’t Be Tomorrow’s Boiled Frog - Cyber Risk Appetite for Executives
|Date:||January 25, 2016
|Talk Title:||Don’t Be Tomorrow’s Boiled Frog - Cyber Risk Appetite for Executives|
|Speaker:||Earl Crane, Founder and CEO, Emergent Network Defense, Inc.|
|Time & Location:||12:00pm -
DEC, CIC Building, Pittsburgh
The past few years have seen a focus on cybersecurity risk management by executive leadership that increasingly have a fiduciary requirement to establish a risk appetite and manage their cybersecurity risk profile. High-profile retail breaches like Target demonstrated the inherent risks of third party connections. Destructive corporate breaches like those at Sony, Sands Casino, and Saudi Aramco demonstrated the initiative of nation-states to attack private corporations for political reasons. The root cause of every one of these breaches can be attributed not to technical failures, but to a failure in governance—a shortcoming to manage cybersecurity risks. Cybersecurity risk appetite is quickly becoming an integrated function to an organizations holistic enterprise risk management program. Organizations frequently have many of the right technical tools deployed to manage cybersecurity risk, but are not instrumented and deployed in the most effective way. This talk will provide real-world insights to instrumenting cybersecurity risk appetite as a risk management tool.
Dr. Earl Crane is the Founder and the Chief Executive Officer of Emergent Network Defense, Inc. (END). Dr. Crane has advised the President of the United States as the Director for Federal Cybersecurity Policy on the White House National Security Council, Wall Street executives and multiple Fortune 100 corporations on their cyber defensive strategies. Dr. Crane led the implementation of the Department of Homeland Security’s information security strategy, and has taught hundreds of cybersecurity masters students and executives through Carnegie Mellon’s Heinz College and CISO Certificate program. He earned his Ph.D. from George Washington University, a Masters of Information System Management at Carnegie Mellon University and a B.S. in mechanical engineering at Carnegie Mellon University. He is helping organizations engage in cybersecurity discussions with impact to their real-world challenges and enable executives to reduce their corporate cybersecurity risk.