Cybersecurity Risk Management: Putting Principles into Practice
This talk covers the professional practice of cybersecurity risk management considered from the perspective of enterprise governance and operational risk management. It will encompass cybersecurity risk classification and assessment. Concepts include: cybersecurity risk identification, classification, measurement, remediation, monitoring and reporting. These will be illustrated with examples of assessments, controls, issues, events and metrics.