Minimum Viable Risk Management Program

Presented at SOURCE Seattle 2017, Oct. 5, 2017, 10:45 a.m. (90 minutes).

Most information risk management programs are cumbersome and expensive, requiring expertise and time that smaller organizations may not have. In addition, many attempts to start an information risk management program fail when the program seems to have no relevance to the organization except during audits. This workshop will cover a risk management program that is lightweight, useful, and can scale as the organization matures. This process has been successfully implemented and requires no specialized tools. By the end of the workshop, you will be able to perform a simple risk assessment and set up a useful and auditable risk management program.

Presenters:

• Rachael Lininger - Security Strategist at Leviathan Security Group
  Rachael Lininger is a Security Strategist with Leviathan Security Group. With more than a decade of information security experience, she has worked in a variety of verticals, including banking, healthcare, and retail. Rachael is also a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and certified FAIR Risk Analyst.

Similar Presentations:

• BSidesLV 2017 / Minimum Viable Risk Management Program
• AppSec USA 2015 / Training (1 day): Risk Management Like a Boss: Making Your Risks Work for You
• Texas Cyber Summit 2019 / CS-2024 The Risk Management Hydra and why you need multiple assessments